http subversion URLs should be discontinued in favor of https URLs
TJ Varghese
tj at tjvarghese.com
Fri Dec 8 08:25:46 UTC 2017
On 12/07/2017 10:50 PM, Poul-Henning Kamp wrote:
>
>> You can't have the latter without the former. Assertion of identity is
>> the only protection against MITM eavesdropping or tampering.
> Or more generally:
>
> If you dont/cant trust the other end, why would you trust them to
> keep the communication secret ?
>
I'm curious as to your take on electronic banking. Should they all
merely use HTTP since HTTPS is hopelessly compromised by design? If your
objection is that HTTPS bring nothing to the security table, then it
really doesn't make a difference where it's used and we should all just
stop using it, no?
More information about the freebsd-security
mailing list