Josef Lowder wrote:
> When I tried to visit the site https://www.LuftHans.com/unix/
> I got the attached warning message (which I have never seen
> before). What does it mean "... may not be trustworthy"?
It means Hans is a long hair ... and over thirty ... thus not to be trusted.
Actually the problem is the certificate on his site is a self-signed certificate
and not signed (or otherwise issued) by a Certificate authority whos Root
certificate is built into your browser.*
Effectively it means that you can't be (more) certain that the traffic between
you and Hans' website isn't being eavesdropped by some unsavory character. So,
don't give Hans your credit card or SSN or anything. Overall its not terribly
important unless you bank with Hans.
This does bring up the question, Hans why do you only do SSL (actually why not
just do ssl, it doesn't cost anything)? And, Hans, you wanna share the
fingerprint for your CERT out of band so that we can just accept your cert and
thus be "safe".
Austin
* In mozilla goto Edit -> Preferences -> Privacy & Security -> Certificates and
click on the "Manage Certificates" button then the Authorities tab to see what
Certificate Authorities Root Certificates you have ... and if you visit a
website with a proper certificate you will see a little locked lock in one
corner of your browser .. you can typically click on this and view which of
those CAs has issued the certificate for this site.
(text/plain)