Date: Tue, 5 Dec 2017 15:06:59 -0800 From: Yuri <yuri@rawbw.com> To: Poul-Henning Kamp <phk@phk.freebsd.dk>, Gordon Tetlow <gordon@tetlows.org> Cc: freebsd-security@freebsd.org, Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au> Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <1294e5c4-9554-b9f5-8ea9-13aca5411e9a@rawbw.com> In-Reply-To: <24153.1512513836@critter.freebsd.dk> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <5A2709F6.8030106@grosbein.net> <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> <8788fb0d-4ee9-968a-1e33-e3bd84ffb892@heuristicsystems.com.au> <20171205220849.GH9701@gmail.com> <24153.1512513836@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/05/17 14:43, Poul-Henning Kamp wrote: > The vastly oversold "security" of HTTPS is entirely borrowed from > a confederation of root-CA's which no non-deluded person can ever > seriously trust. Your argument goes like this: https potentially suffers from some vulnerabilities too, so we better dismiss it and go with the weakest solution. Sorry, but this doesn't make any sense. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1294e5c4-9554-b9f5-8ea9-13aca5411e9a>