bas wrote:
But i might be paranoid.
Paranoid suspecting that he might be paranoid? You are in trouble Image may be NSFW.
Clik here to view.
Real certs are stronger by assumption that certification authorities can be trusted. As nobody is standing behind your self-signed cert, where is nobody to "ask" if you can trust given certificate and if it hasn't been altered by a man in the middle. I don't know much about the technical stuff about signing, checking the chains, etc. But i think this is the main reason. Of course, if you are paranoid, you can't trust anything, even your own selfie cert Image may be NSFW.
Clik here to view. Though, not speaking about NSA even, there are known recent examples when CAs are hacked and hackers generate false certificates and use them for their schemes. Nothing can guarantee 100% security.
