Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
When browsers report TLS errors, they cannot distinguish between attacks and harmless server mis-configurations; hence they leave it to the user to decide whether continuing is safe. However, actual attacks remain rare. As a result, users quickly become used to \"False positives\" that deplete their attention span, making it unlikely that they will pay sufficient scrutiny when a real attack comes along. Consequently, browser vendors should aim to minimize the number of low-risk warnings they report.

Find By Topic