# Gavin Andresen
# 2010-09-08 13:27:16
# https://bitcointalk.org/index.php?topic=978.msg12226#msg12226

Unlike a public HTTPS web server, which accepts connections from anybody, the bitcoin HTTPS JSON-RPC server will only accept connections from trusted clients, and you'll almost certainly be your own root certificate authority@p{--} there is no reason to pay for a Verisign certificate, you should generate your own and deploy it with the code that is talking JSON-RPC to your server. @p{par}

Or, in other words, since you'll control both ends of the conversation (as opposed to a web server, where you typically control EITHER the server OR the web browser) you can make it completely secure. @p{brk}