Re: Avoid HTTPS when possible?



"Lasse Kliemann" <lasse-usenet-2012@xxxxxxxxxxxxxxxxxxxx> wrote in message news:5b6b58.6lp.19.1@xxxxxxxxxxxxxxx
After the recent CA desasters, I wonder if one should avoid HTTPS
whenever possible, in order not to create a false sense of
security.

Another problem is that browsers tend to force-feed CAs, even infamous ones such as CNNIC, on users. Removing a CA can be complicated for end users, and removed CAs may be automatically and silently re-added when the browser software is updated.

--
Thor Kottelin
http://www.anta.net/



.