[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: self-signed certificates (was Re: I'd like to get rid of pulseaudio but ...)



On Sun, May 31, 2009 at 13:08:08 -0700,
  "Wolfgang S. Rupprecht" <wolfgang rupprecht+gnus200905 gmail com> wrote:
> 
> As for the man-in-the-middle attack, I'd imagine the biggest usage case
> is an eavesdropped-in-the-middle and not someone that was able to break
> the data stream and insert themselves.  Having an encrypted channel with
> a slightly nebulous endpoint is still better than having an unencrypted
> channel.

For average Joes, the most common problem is going to be that their machine
is compromized. Extra security of https over http for them is barely a
blip.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]