Date: Tue, 5 Dec 2017 13:13:25 -0800 From: Yuri <yuri@rawbw.com> To: freebsd-security@freebsd.org Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> In-Reply-To: <5A2709F6.8030106@grosbein.net> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <5A2709F6.8030106@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/05/17 13:04, Eugene Grosbein wrote: > It is illusion that https is more secure than unencrypted http in a sense of MITM > just because of encryption, it is not. It *is* more secure. In order to break it, you have to have compromized https authorities. Some state actors have plausibly done this. http, on the contrary, can be altered by anybody who has access to the wire, which is generally a much wider set. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11532fe7-024d-ba14-0daf-b97282265ec6>