Josef Lowder wrote:
> When I tried to visit the site https://www.LuftHans.com/unix/ 
> I got the attached warning message (which I have never seen 
> before).  What does it mean "... may not be trustworthy"? 

It means Hans is a long hair ... and over thirty ... thus not to be trusted.

Actually the problem is the certificate on his site is a self-signed certificate 
  and not signed (or otherwise issued) by a Certificate authority whos Root 
certificate is built into your browser.*

Effectively it means that you can't be (more) certain that the traffic between 
you and Hans' website isn't being eavesdropped by some unsavory character.  So, 
don't give Hans your credit card or SSN or anything.  Overall its not terribly 
important unless you bank with Hans.

This does bring up the question, Hans why do you only do SSL (actually why not 
just do ssl, it doesn't cost anything)?  And, Hans, you wanna share the 
fingerprint for your CERT out of band so that we can just accept your cert and 
thus be "safe".

Austin


* In mozilla goto Edit -> Preferences -> Privacy & Security -> Certificates and 
click on the "Manage Certificates" button then the Authorities tab to see what 
Certificate Authorities Root Certificates you have ... and if you visit a 
website with a proper certificate you will see a little locked lock in one 
corner of your browser .. you can typically click on this and view which of 
those CAs has issued the certificate for this site.