On Sun, 05 Sep 2010 22:36:31 -0700, Michael<address@hidden>
wrote:
When trying to register for the LSR, Firefox gave be the "This
Connection is Untrusted" warning, trying to connect to
"lsr.dsu.unimi.it". Is this supposed to be this way, or is the
connection a regular unsecure one? Would it be fine to add an
exception?
The situation is that in order to use the encrypted HTTP protocol,
HTTPS, your browser has to store the web site's security
certificate (which is a fancy word for a public key which has
been certified (i.e. digitally signed) by some trusted
authority).
You have to store that key the first time you connect.
``Adding an exception'' means storing the key.
It doesn't happen automatically, because they key is
``untrusted''. This means that the website operators
did not pay money to some certification racket to have
it signed. They signed it themselves (that's
what the ``self-signed'' certificate means).
Since you don't actually trust this website regardless
of who signed their certificate (do you personally
know the operators of the LSR?) this is all moot!
All you want is to have an encrypted connection to that
site so that someone doesn't easily sniff your password
and take over the account you register. Self-signed certificates
are adequate for that purpose and okay to accept.