On Wed, 1 Apr 2015 10:30:14 +0200, Corinna Vinschen <corinna-cyg...@cygwin.com> wrote: > > +<qandaentry id="faq.setup.mitm"> > > +<question><para>How does Cygwin counter man-in-the-middle (MITM) attacks > > during installation and upgrade?</para></question> > > +<answer> > > The title is too specific, IMHO. What about something along the lines > of "How Cygwin secures the installation process"?
Okay, switched that to: <qandaentry id="faq.setup.install-security"> <question><para>How does Cygwin secure the installation and update process?</para></question> The next question is worded as (which I think contrasts clearly): <qandaentry id="faq.setup.increase-install-security"> <question><para>What else can I do to ensure that my installation and updates are secure?</para></question> > > +<para> > > +A man-in-the-middle (MITM) attack occurs when an attacker secretly > > relays... > I would drop this para. Just refer to > https://en.wikipedia.org/wiki/Man-in-the-middle_attack > at some convenient point in the following para. Just jumping into a list seems too abrupt, especially since there's text after the list. I'll greatly shorten the intro paragraph, and link to Wikipedia. > We already switched to sha512, so you can skip the entire MD5 > consideration. Just describe the sha512 checking. Excellent, will do. > All in all the text looks good to me. You're not interested to improve > other parts of the documentation as well, by any chance? :) We'll see :-). --- David A. Wheeler -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
