Date: Tue, 12 Dec 2017 17:38:08 -0800 From: Yuri <yuri@rawbw.com> To: Peter Wemm <peter@wemm.org>, freebsd-security@freebsd.org Cc: RW <rwmaillists@googlemail.com>, Igor Mozolevsky <mozolevsky@gmail.com> Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <b581be6f-45da-224b-3f68-a27aa43eba14@rawbw.com> In-Reply-To: <3138231.uiVPfnS2VB@overcee.wemm.org> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <5A303453.9050705@grosbein.net> <6c9d028c-ac1c-3fc6-8ea2-7ee22c7ffbe8@rawbw.com> <3138231.uiVPfnS2VB@overcee.wemm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/12/17 16:37, Peter Wemm wrote: > I think you're missing the point. It is a sad reality that SSL/TLS corporate > (and ISP) MITM exists and is enforced on a larger scale than we'd like. But > it is there, and when mandated/enforced you have to go through the MITM > appliance, or not connect at all. Private CA's generally break those > appliances - an unfortunate FreeBSD user in this situation is cut off. How is > this better? This is certainly better for users because it informs the user. Now he has a choice to use a special override key to use MITMed https anyway or refuse, vs. with http he is not informed. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b581be6f-45da-224b-3f68-a27aa43eba14>