On Mon, Oct 28, 2013 at 09:31:35PM -0400, Mark Haase wrote:
> It's a bit ironic that the Debian security site doesn't offer SSL, right?
> If an attacker can MITM an organization that uses Debian, then they can
> MITM the Debian security page and control what security bulletins that
> organization c
On Mon, Oct 28, 2013 at 09:31:35PM -0400, Mark Haase wrote:
> I'd like to suggest that Debian should at least use SSL on their security
> site, even if nowhere else.
Hi,
We are in the process of purchasing SSL certificates for a number of our 'web
properties' including www.debian.org. I hope to
It's a bit ironic that the Debian security site doesn't offer SSL, right?
If an attacker can MITM an organization that uses Debian, then they can
MITM the Debian security page and control what security bulletins that
organization can access.
I'm also concerned because this same domain hosts automa
3 matches
Mail list logo
