This article is related to my other one about the Domain Name System. If you have any interest in this, you should probably read that one as well.
Once upon a time, in the early-to-mid 1990s, the World-Wide Web was born and started attracting users. Right from the start (or at least more or less; we're talking 1994), the rather obvious decision (at the time) was made to have two separate protocols/schemas: "HTTP" and "HTTPS".
HTTP (HyperText Transfer Protocol), which is still the dominant one in the year of 2012, is quick, simple and entirely unencrypted. Any password or other information sent in either direction is transferred in plain text and can be trivially "sniffed" by anyone at any point in the network between your computer and the destination.
HTTPS (HyperText Transfer Protocol Secure), which has traditionally primarily been used for e-commerce and online bank interfaces, is much more "expensive" to compute (slower) but uses TLS (previously SSL) as an "encryption wrapper" around HTTP. HTTPS is HTTP with encryption. In later years, it has become far more common for perceivably "non-critical" sites such as Wikipedia to offer such an interface, but many sites use it only for the login form to save resources while still giving their users some protection.
Note: "TLS" is the successor to "SSL". SSL is still a very common term, but technically wrong when one is referring to TLS, which you more or less always are nowadays. Of course, that doesn't stop people from confusing them and capitalizing on the established but now incorrect term.
While this doesn't exactly have anything to do with Web sites specifically, since TLS/SSL can and are used for many other tasks, this "Certificate Authority" system is built around the hugely flawed idea of "ultimately trusted and authoritative parties" which are shipped with every browser on every computer.
The technical details of setting up a TLS certificate are messy and off-topic here, and also vary between Web servers and systems, but what you need to know is this: somebody must "sign" it. In practice, this means one of these huge, "trusted" corporations, or yourself. Yeah, that's right. You can "self-sign" your certificates, and this would be good enough, except for the little, minor issue that if you do, every single visitor to your Web site (assuming that's what's being hosted) is going to see big, scary warnings urging you to not trust this horribly insecure and untrusted site which is all broken and evil and suspicious because the owner hasn't paid for "protection".
I'm not kidding. All modern browsers try their very best to make you close the tab entirely and surf elsewhere. Even when you know about all of this, it's still scary to see it. It really makes you question the site, even though there is no technical reason to. Let me explain…
In practice, since browser authors (even Mozilla, always claiming to be fighting for your rights and all that) have all ganged up with the CA Mafia, you have to either use HTTP (unthinkable in many cases) or forget about self-signing and paying one of the mobsters. (If they'll even let you. I'll get back to that.)
Apparently, from what I can tell, the purpose of relying on a few big for-profit mega corporations is that they will (in theory) do what it takes to verify the identity of the person/party requesting the certificate. You know, since it's their job and sole purpose for existing. Except nothing could be further from the truth.
I've bought TLS certification a number of times, and not once have I provided any kind of information except what is required by the standard (country and host name), and as far as I can tell, it has been fully automated every time and never even touched by a human hand (but I'm not 100% sure about that). The closest I got to interacting with a human being in this context was the robot which telephoned me to record my name and listen to some code, but that's probably just some legal bullshit and only related to the purchase itself.
And why would I give them information that will be displayed to users if they look? It's clearly not required, and I have no interest whatsoever in doing so either. The only reason I and (presumably) most people who don't run Amazon.com or something like that purchase certificate signing, is to get rid of the fake, bullshit "errors" that all the visitors would otherwise see. Basically, you are paying an extortion fee to the CA Mafia, supported by all the major browser vendors.
So, since there is no actual benefit to anyone except for the Certificate Authority you pick to fork over cash to, the entire point of this system is defeated. Now, let me get something perfectly clear: I'm definitely not against the idea of allowing those who need it to "sign" their certificate with some kind of authority, but then they need to actually verify the identity! And the free/default method (self-signing) should of course not display any errors anywhere. At most, it might have a "yellow" colour of the address bar or something, as opposed to a green one for those who have actually provided details which have been truly verified by a "trusted" third party. (Today, the major browsers give sites with an "extended" verification (which costs thousands of dollars a year) that "green bar" and a yellow/uncoloured one for those who have "only" paid for a useless phony certificate.)
The whole purpose of this system, unless I'm mistaken, was to give people shopping online the confidence and peace of mind to safely trust the store. It was not supposed to harass users of any site that has not paid a ransom to some evil business. And some of us aren't even allowed to pay them!
Yeah, that's right. I hope you've read that other article already, because I won't repeat all of this. Basically, CA companies are just the same as domain registrars: they only care about money and will cave in to harassments and revoke your certificate just as quickly as they will steal your domain if enough people send fake abuse reports. As you probably realize, this has happened to me. For instance, GlobeSSL deleted the certificate and started sending threatening and insulting e-mails about how they were "going to court" to sue me for having the nerve to give them money by using them to sign the TSL certificate for my 100% legal site which they accepted when they verified it (right? Because that's your job, remember?). Yeah, there are a lot of seriously mentally ill people out there with power.
On the technical level, self-signed certificates provide the exact same security level as your Internet bank, provided that you actually connect to the right domain/IP address and not some phishing site.
Naturally, sites that use TLS/SSL but have actually broken certificates should indeed have those big red warnings pop up in their clients' browser. I'm fully in agreement with that. "Broken" can mean a number of things, but it sure as hell doesn't mean "has not been approved by a mobster".
Perhaps the biggest question mark in this whole mess is why browser makers insist on making such a big deal about self-signed certificates. And no, the ability to "add an exception" or "install additional CAs" isn't realistic for the average user, nor acceptable even for those who know how.