http subversion URLs should be discontinued in favor of https URLs

Eugene Grosbein eugen at grosbein.net
Tue Dec 12 19:56:14 UTC 2017


On 13.12.2017 01:52, Yuri wrote:
> On 12/10/17 12:45, Eugene Grosbein wrote:
>> No, they don't. You get into MITM and then you have a choice: ignore and run your connection anyway
>> or have no connectivity at all (using this channel). Both are bad, so don't use such a channel from the beginning.
> 
> 
> No, MITM of https with the private CA isn't possible. Please provide 
> references if you believe that the opposite is true.

https://wiki.squid-cache.org/Features/SslPeekAndSplice

You either ignore MITM and proceed with connection anyway or have no connectivity via this channel at all.



More information about the freebsd-security mailing list