http subversion URLs should be discontinued in favor of https URLs
    Eugene Grosbein 
    eugen at grosbein.net
       
    Tue Dec 12 19:56:14 UTC 2017
    
    
  
On 13.12.2017 01:52, Yuri wrote:
> On 12/10/17 12:45, Eugene Grosbein wrote:
>> No, they don't. You get into MITM and then you have a choice: ignore and run your connection anyway
>> or have no connectivity at all (using this channel). Both are bad, so don't use such a channel from the beginning.
> 
> 
> No, MITM of https with the private CA isn't possible. Please provide 
> references if you believe that the opposite is true.
https://wiki.squid-cache.org/Features/SslPeekAndSplice
You either ignore MITM and proceed with connection anyway or have no connectivity via this channel at all.
    
    
More information about the freebsd-security
mailing list