From: Lee <ler762@gmail.com>
To: cygwin@cygwin.com
Subject: Re: SSL not required for setup.exe download
Date: Tue, 12 Mar 2019 21:32:00 -0000 [thread overview]
Message-ID: <CAD8GWstOOJqO1Y2bbv_uCc3VM-t3FOQPxUXNQga42Pkm2_j4=A@mail.gmail.com> (raw)
In-Reply-To: <87imwn3jvr.fsf@Rainer.invalid>
On 3/12/19, Achim Gratz wrote:
> Lee writes:
>> I don't think it's a false sense of security. https:// isn't "safe"
>> but it is _safer_ than http://
>
> Unless you are in an environment where an extra root cert is injected
> just to be able to break up the encrypted connection. Which is a lot
> more common than people think and is not quite as easy to check for as
> some folks make it out.
Right - checking the web-site cert on every site gets old fast. Which
is why I liked the firefox cert patrol addon reminding me $WORK had
their "data loss protection" screening in action.
But even with the security office being able to snoop or modify every
one of my https:// connections, it's just the security office people,
so it still seems safer using tls than clear-text connections.
Regards,
Lee
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2019-03-12 21:32 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-10 4:54 Archie Cobbs
2019-03-10 13:35 ` Andrey Repin
2019-03-10 16:35 ` Archie Cobbs
2019-03-10 14:16 ` Brian Inglis
2019-03-10 23:20 ` L A Walsh
2019-03-11 3:53 ` Archie Cobbs
2019-03-11 13:13 ` Brian Inglis
2019-03-11 13:22 ` L A Walsh
2019-03-11 13:39 ` L A Walsh
2019-03-10 14:16 ` Brian Inglis
2019-03-10 16:40 ` Archie Cobbs
2019-03-11 3:51 ` Brian Inglis
2019-03-11 5:16 ` Mark Geisert
2019-03-11 11:50 ` Brian Inglis
2019-03-11 13:13 ` SSL should not be " L A Walsh
2019-03-11 13:44 ` SSL not " Archie Cobbs
2019-03-11 19:42 ` Brian Inglis
2019-03-11 22:14 ` Archie Cobbs
2019-03-11 22:59 ` Lee
2019-03-12 13:47 ` Archie Cobbs
2019-03-12 14:31 ` Brian Inglis
2019-03-12 14:58 ` Archie Cobbs
2019-03-15 12:25 ` Brian Inglis
2019-03-28 18:13 ` Erik Soderquist
2019-03-12 19:21 ` Achim Gratz
2019-03-12 19:59 ` Lee
2019-03-12 0:20 ` Andrey Repin
2019-03-12 19:45 ` Lee
2019-03-12 20:35 ` Andrey Repin
2019-03-12 21:14 ` Lee
2019-03-12 21:35 ` Andrey Repin
2019-03-12 22:01 ` Lee
2019-03-12 20:42 ` Achim Gratz
2019-03-12 21:32 ` Lee [this message]
2019-03-12 21:35 ` Andrey Repin
2019-03-12 21:50 ` Lee
2019-03-13 20:50 ` Andrey Repin
2019-03-11 20:24 ` SSL should not be required for open source downloading L A Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAD8GWstOOJqO1Y2bbv_uCc3VM-t3FOQPxUXNQga42Pkm2_j4=A@mail.gmail.com' \
--to=ler762@gmail.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).