Clint Byrum <spam...@debian.org> writes:

> Excerpts from Russ Allbery's message of 2015-05-27 22:23:02 -0700:

>> If you aren't doing certificate pinning, I don't think you can really say
>> this with a straight face.

> The word is "avoids", it is not "eliminates". Whatever happened to
> defense in depth? There's no such thing as a perfect solution, but we
> can at least lock the doors, right?

I'm fine with locking the doors. I'm not fine with paying protection
money to a Mafia goon who claims they'll lock your windows, and sort of
sometimes does. It's the extortion component that pisses me off about
HTTPS.

> In the specific case where we'd recommend using https:// instead of
> git:// _for Debian's git services_, the cost noted above would not apply
> for any Debian users because in theory we can use the Debian-specific
> CA.

If we can use a Debian-specific CA, we can do cert pinning, since we're
then assuming we have some control over the client. I was assuming a
general client where we'd have to play nice with the normal CA roots.

-- 
Russ Allbery (r...@debian.org)              <http://www.eyrie.org/~eagle/>

Archive: https://lists.debian.org/87oal4xocb....@hope.eyrie.org