Thats obvious, I was wondering if there is something else.
There is, it's a bit long, but you can verify the certificate matches based on what theymos posts as the RSA modulus and exponent (65537). If you use Chrome, right click on the lock icon and go "Connection" to "Certificate Information", from there, click Details, Copy To File, Next, Base-64 encoded, Next, then save the file under somename.cer. Open somename.cer with a text editor, copy the text, then go to a site that will pull out the modulus from a certificate like this one:
https://certlogik.com/decoder/
Paste the text, click Decode, and then scroll down to the Modulus and Exponent. In this case you should see:
Code:
Modulus:
00:c8:9d:5f:0e:95:79:ad:b9:9f:6e:b5:16:c9:bd:
12:0e:98:2f:23:08:00:73:3f:71:b2:ce:fb:93:8e:
5f:2a:12:7d:35:c6:91:f3:f6:ec:3e:ab:bd:06:08:
5b:12:c1:6e:96:71:33:20:ba:93:1a:a2:c3:15:56:
6d:de:9b:3f:6f:f4:06:0a:92:06:96:b7:f8:7f:65:
f5:c8:0e:ab:a2:8b:a6:33:11:82:8e:eb:ba:a0:67:
48:93:d1:f0:2b:45:68:5f:07:fd:6f:1f:3f:3e:11:
58:e7:e3:c9:91:24:8f:aa:f9:c9:b2:84:1d:13:67:
94:63:d4:ef:d0:e3:4d:48:4f:f8:47:a7:ec:95:72:
5a:03:f6:94:4f:d5:f7:76:92:ed:55:71:a8:12:14:
e7:be:5e:bf:33:9a:b2:ea:10:d9:54:93:42:25:60:
0c:86:d5:a3:f6:5e:d5:ee:0d:c9:94:23:f2:d6:cb:
24:ee:e0:6c:50:37:2a:9d:6e:41:19:3b:9f:c0:d7:
16:bd:ac:1e:a8:59:d1:0a:23:e4:e8:61:1f:7e:cd:
da:d5:91:74:65:f1:e0:d8:96:d8:28:2c:0f:5e:94:
67:f9:18:b6:d0:4f:2e:39:a4:67:13:51:aa:4b:21:
04:8b:a8:45:91:e0:8c:25:8d:b3:fd:10:d9:61:10:
9d:1f
Exponent: 65537 (0x10001)
That should match the text of this theymos post or whichever future ones he provides.
The vast majority of people will never experience a Man-In-The-Middle attack to a website like bitcointalk.org, however there has been at least one occasion where someone attempted to compromise communication with the forum and changed a certificate (more specifically, the IP the name servers were pointing to, with a valid-looking certificate).
This way you shouldn't be able to access the forums if the IP changes, but this is really not necessary. If something bad happens, theymos will post it and you'll be able to see what you can do to protect yourself.
While this may work for now, he would need to remember to remove it if theymos switched hosts or changed IP addresses. The website may not always be hosted at the 109.201.133.195 IP. It may change to round-robin DNS or a new IP once the new forums are built or for any other reason. We may not always get a heads-up notification that the IP has changed, so it's never a good idea to hard code IPs unless you're doing it for development reasons, IMHO.
