Josh Triplett <[email protected]> writes: > https:// avoids MITM;
If you aren't doing certificate pinning, I don't think you can really say this with a straight face. It makes MITM moderately harder, at the cost of giving money to a bunch of exploitative clowns who have no concept of what security means. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
