

Show HN: Self-signed certs as a service - jenandre
http://lolroot.ca/

======
spellboots
Just in case anyone doesn't realize that this is a terrible idea, this is a
terrible idea.

It's certainly a reasonable position that self signed certs should not have
such a scary warning, but if you install the lolroot root certificate as a
trusted certificate, you will now be completely vulnerable to MITM attacks.

Anyone can pretend to be, for example, your bank, by generating a lolroot self
signed certificate for your banks domain name. You've said you trust them,
your browser won't put up any warning.

I'm sure most people realize this but in case you didn't, don't install it.

------
GrinningFool
[http://pastebin.com/fQ5ftcri](http://pastebin.com/fQ5ftcri)

"Need Support for your self-signed cert? 5k/year - 1 (800) 555 - 5549"

Indeed.

------
mephux
Pretty good idea.

~~~
tlongren
Really, really good idea. Now browser makers (looking @ you Google and
Mozilla) need make self-signed certs feasible by removing the scary warnings.

