http subversion URLs should be discontinued in favor of https URLs

Igor Mozolevsky mozolevsky at gmail.com
Sun Dec 10 18:15:47 UTC 2017


On 10 December 2017 at 18:01, Yuri <yuri at rawbw.com> wrote:

> On 12/10/17 09:51, Igor Mozolevsky wrote:
>
>> Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD"
>> doesn't make SVN over HTTP insecure.
>>
>
>
> Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob
>
> Hypothetical characters are commonplace in security discussions.



They are not "hypothetical characters," they are invented characters that
are used in a threat model. But that's reframing the problem- a
hypothetical threat model is very different to a real threat model.


-- 
Igor M.


More information about the freebsd-security mailing list