Dag-Erling Smørgrav
2017-Dec-07 14:04 UTC
http subversion URLs should be discontinued in favor of https URLs
Gordon Tetlow <gordon at tetlows.org> writes:> Assertion of identity and encryption in transit are separate issues. I > do agree that identity is fundamentally broken with the existing CA > system. I?m more interested in preventing tampering of data in > transit. HTTPS is an easy way to do that.You can't have the latter without the former. Assertion of identity is the only protection against MITM eavesdropping or tampering. DES -- Dag-Erling Sm?rgrav - des at des.no
Poul-Henning Kamp
2017-Dec-07 14:50 UTC
http subversion URLs should be discontinued in favor of https URLs
-------- In message <867etyzlad.fsf at desk.des.no>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= w rites:>Gordon Tetlow <gordon at tetlows.org> writes: >> Assertion of identity and encryption in transit are separate issues. [...] > >You can't have the latter without the former. Assertion of identity is >the only protection against MITM eavesdropping or tampering.Or more generally: If you dont/cant trust the other end, why would you trust them to keep the communication secret ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.