Electronic Books

Certificates that are not validated are called self-signed certificates. If you come across a site that has
not had its identity authenticated by a trusted third party, your Web browser will display a message
similar to the one shown in Figure 6-5.
FIGURE 6-5
A pop-up window alerts you when a site is not authenticated.
NOTE
241
Securing Linux 6
This does not necessarily mean that you are encountering anything illegal, immoral, or fattening.
Many sites opt to go with self-signed certificates, not because they are trying to pull a fast one on
you, but because there may not be any reason to validate the true owner of the certificate, and they
do not want to pay the cost of getting a certificate validated. Some reasons for using a self-signed
certificate include:
 The Web site accepts no input. In this case, you as the end user, have nothing to worry
about. There is no one trying to steal your information, because you aren??™t giving out any
information. Most of the time this is done simply to secure the Web transmission from
the server to you. The data in and of itself may not be sensitive, but, being a good netizen,
the site has enabled you to secure the transmission to keep third parties from sniffing the
traffic.
 The Web site caters to a small clientele.


Pages:
495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519