
As far as I know, self-signed certs have to be approved on a case-by-case basis in most browsers. Thus if a site is hit by MITM, the cert will change and the browser will warn. Of course, that's assuming you've visited the site before and care to pay attention to the warning.



Besides geococcyxc's remark, how are you to know that the first certificate is legitimate? How are you to know that the new certificate after the old one has expired is legitimate?

If you want pinning, there are better solutions: http://patrol.psyced.org/


Care to elaborate? I do not think you will get a warning if the MITM is done with a certificate signed by a valid CA, even if you have approved some self-signed certificate before for that site. At least I have never seen this in any browser.


You'll be protected against NSA-style snoop-everything passive attacks.

CAs will always be able to MITM you. Like I said: "the notion of CAs is problematic."

There are two caveats:

1) certificate pinning: your browser has a hard-coded list of certificates for all major websites (e.g. Chromium: https://code.google.com/p/chromium/codesearch#chromium/src/n... (scroll down!))

2) there are add-ons (i.e. Certificate Patrol) that warn you when the certificate changes
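The two claims above (a CA-signed MITM certificate passes ordinary validation without a warning; a pin or a Certificate Patrol-style change detector still catches it) can be shown end to end. The following is an added example written for this page; it is not code from the thread, from Certificate Patrol or from Chromium. It uses Go's standard crypto/x509 to build throwaway certificates offline: the hostname example.test is constructed, the locally generated root stands in for any publicly trusted CA, and the trust-on-first-use pin store is a simplified stand-in for what the add-on does. Pins are taken over the SubjectPublicKeyInfo, as browser pin lists do, so a renewed certificate over the same key still matches.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// Verdict is what the pin check concluded about the presented certificate.
type Verdict int

const (
	FirstSeen Verdict = iota // nothing stored yet: pin it (TOFU cannot tell whether this one is legitimate)
	Match                    // same public key as last time
	Changed                  // different public key: a MITM, or a legitimate re-key
)

// PinStore keeps one SPKI hash per host, trust-on-first-use style
// (constructed stand-in for a Certificate Patrol-like add-on).
type PinStore struct{ pins map[string]string }

func NewPinStore() *PinStore { return &PinStore{pins: map[string]string{}} }

// SPKIPin hashes the DER SubjectPublicKeyInfo, as browser pin lists and HPKP do.
func SPKIPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// Check stores the pin on first sight and compares against it afterwards.
func (s *PinStore) Check(host string, c *x509.Certificate) Verdict {
	pin := SPKIPin(c)
	stored, ok := s.pins[host]
	switch {
	case !ok:
		s.pins[host] = pin
		return FirstSeen
	case stored == pin:
		return Match
	default:
		return Changed
	}
}

// makeCert builds a certificate for name over key. With parent == nil it is self-signed;
// otherwise it is issued by parent, which is what a MITM holding a CA-issued cert presents.
func makeCert(name string, key *ecdsa.PrivateKey, parent *x509.Certificate, parentKey *ecdsa.PrivateKey, isCA bool, serial int64) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{name}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	if parent == nil { // self-signed: the template is its own issuer
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// Result pairs the two checks a client could run on one connection.
type Result struct {
	ChainOK bool    // accepted by ordinary CA validation, i.e. no browser warning?
	Pin     Verdict // what the pin store says
}

// Scenario visits example.test three times: self-signed cert, a renewal over the same key,
// then a cert for the same name over a different key, issued by a CA the client trusts.
func Scenario() []Result {
	const host = "example.test" // constructed hostname
	siteKey, caKey, mitmKey := newKey(), newKey(), newKey()
	ca := makeCert("Stand-in Root CA", caKey, nil, nil, true, 1)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	store, out := NewPinStore(), []Result{}
	for _, c := range []*x509.Certificate{
		makeCert(host, siteKey, nil, nil, false, 2),  // first visit, self-signed
		makeCert(host, siteKey, nil, nil, false, 3),  // renewed, same key
		makeCert(host, mitmKey, ca, caKey, false, 4), // CA-signed, different key
	} {
		_, err := c.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
		out = append(out, Result{ChainOK: err == nil, Pin: store.Check(host, c)})
	}
	return out
}

func main() {
	for i, r := range Scenario() {
		fmt.Printf("visit %d: chain ok=%v pin verdict=%d\n", i+1, r.ChainOK, r.Pin)
	}
}
```

The third visit is the case the thread argues about: chain validation succeeds, so a browser relying on CAs alone shows nothing, while the pin store reports Changed. The first two visits show the other half of the picture: a self-signed certificate fails chain validation every time, and a trust-on-first-use pin cannot tell whether the very first certificate was legitimate.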



