HTTPS on, git, reproducible builds

Dag-Erling Smørgrav des at
Fri Sep 18 14:05:42 UTC 2015

Mark Felder <feld at> writes:
> Dag-Erling Smørgrav <des at> writes:
> > Daniel Feenberg <feenberg at> writes:
> > > Is there a reason to encrypt something that is completely public?
> > Watering hole attacks.
> Watering hole attack describes the *site* being compromised because it's
> popular and you know the target(s) will go there. HTTPS is irrelevant.

...or a MITM attack on a site that is popular with your target

Then again, if you have the means to mount a MITM attack you probably
have the means to get a valid certificate.

Dag-Erling Smørgrav - des at

More information about the freebsd-questions mailing list