http subversion URLs should be discontinued in favor of https URLs

Dag-Erling Smørgrav des at des.no
Thu Dec 7 14:14:27 UTC 2017


Gordon Tetlow <gordon at tetlows.org> writes:
> Assertion of identity and encryption in transit are separate issues. I
> do agree that identity is fundamentally broken with the existing CA
> system. I’m more interested in preventing tampering of data in
> transit. HTTPS is an easy way to do that.

You can't have the latter without the former.  Assertion of identity is
the only protection against MITM eavesdropping or tampering.

DES
-- 
Dag-Erling Smørgrav - des at des.no


More information about the freebsd-security mailing list