i am using curl to do secured FTP, both SFTP and FTPS. however, if i don't use the --insecure option, i will get errors such as "certificate verify failed" and "SSL peer certificate or SSH remote key was not ok". so i am wondering, how important is it to verify the server's certificate? what's the worst case scenario if i don't? if i have to verify cert, things will get tedious during deployment time as i have to download an up-to-date certificate bundle from one of the CAs and specify the location of the bundle. thanks.