HTTPS on, git, reproducible builds

Nathan Dorfman na at
Fri Sep 18 14:34:37 UTC 2015

On Fri, Sep 18, 2015 at 04:05:39PM +0200, Dag-Erling Smørgrav wrote:
> Then again, if you have the means to mount a MITM attack you probably
> have the means to get a valid certificate.

If you're that paranoid, there's a nice Firefox extension called CertPatrol
that will alert you to any changes in the certificate's details, or if you
prefer, just the CA chain. Obviously, it won't help you on the first visit --
it's an advanced version of ssh's known_hosts.


> -- 
> Dag-Erling Smørgrav - des at

More information about the freebsd-questions mailing list