http subversion URLs should be discontinued in favor of https URLs
Dag-Erling Smørgrav
des at des.no
Thu Dec 7 14:14:27 UTC 2017
Gordon Tetlow <gordon at tetlows.org> writes:
> Assertion of identity and encryption in transit are separate issues. I
> do agree that identity is fundamentally broken with the existing CA
> system. I’m more interested in preventing tampering of data in
> transit. HTTPS is an easy way to do that.
You can't have the latter without the former. Assertion of identity is
the only protection against MITM eavesdropping or tampering.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list