Yuri
2017-Dec-10 18:01 UTC
http subversion URLs should be discontinued in favor of https URLs
On 12/10/17 09:51, Igor Mozolevsky wrote:> Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD" > doesn't make SVN over HTTP insecure.Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob Hypothetical characters are commonplace in security discussions. Yuri
Igor Mozolevsky
2017-Dec-10 18:15 UTC
http subversion URLs should be discontinued in favor of https URLs
On 10 December 2017 at 18:01, Yuri <yuri at rawbw.com> wrote:> On 12/10/17 09:51, Igor Mozolevsky wrote: > >> Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD" >> doesn't make SVN over HTTP insecure. >> > > > Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob > > Hypothetical characters are commonplace in security discussions.They are not "hypothetical characters," they are invented characters that are used in a threat model. But that's reframing the problem- a hypothetical threat model is very different to a real threat model. -- Igor M.