Karl Denninger wrote:
Advocating the FORCING of https is IMHO utterly ridiculous for the reasons I pointed out.
This is an important point. Given the differences of opinion noted here there is no good reason not to allow sites to sync over the protocol of their choosing. Of course signed datasets would be excellent, as would verifiable builds, but (also IMO) not good enough to justify forcing of non-encrypted updates.
The issue of potentially-tampered-with source code not only can't be dealt with correctly through the use of https (at least not with the public CA infrastructure that "everyone" relies on for "pedestrian" https) there ARE other means of dealing with it correctly that do not require using https. That's where attention should be focused.
Would have to disagree with this assertion, at least until it can be demonstrated that an alternative signature presharing mechanism would be more secure (than the CA maintained by EFF/LetsEncrypt at least). IMO, Roger Marquis _______________________________________________ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
