Ask HN: SSH browser traffic?

3 points by a1g 15 years ago | 2 comments

Why not ssh web browser traffic?

Instead of using SSL Certificate Authorities, which can't be fully trusted in the first place.

zerohp 15 years ago |

You could just remove all the CA's from your browser and it would be nearly the same as using SSH. The only thing the CA is doing is answering this question for you:

  The authenticity of host 'x.x.x.x (x.x.x.x)' can't be established.
  RSA key fingerprint is 2f:db:11:aa:b0:13:48:64:50:cc:94:73:7b:aa:57:78.
  Are you sure you want to continue connecting (yes/no)?

Removing CA's without an alternative in place such as Web of Trust means that users have no assurance that the other end of the connection is who it claims to be.

a1g 15 years ago | |

yes, you are correct good sir. I posted this question too early.