Am 11. August 2017 12:46:46 MESZ schrieb Ruben Safir ruben@mrbrklyn.com:
On 08/10/2017 04:41 PM, Frank-Ulrich Sommer wrote:
I can't see any security advantages of a self signed cert. I
then you fail to understand the history, like when Microsoft's certs were undermined because the third party authentication agency gave the keys to 2 guys that knocked on the door and asked for them...
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
Of course I know about this risk. But the only way to reduce it is to remove all preinstalled root CAs from all devices you use. It's more important whoom your client trusts than who signed your cert.
Using a self signed cert alone and still using a client with a huge list of preinstalled root CAs will be exactly as vulnerable as using a regular cert with this client. The client will accept a spoofed cert that was fraudulently obtained from one of those root CAs in both cases.
If you configure your client such that it only accepts certs that you manually added you could (theoretically and from a security standpoint) still use certs signed by an external CA that you add manually without compromising security. It's only important that you don't let someone else (e.g. the CA because it's easier...) generate your key pair but that you generate it yourself and only submit a certificate signing request.