[Remops] Oops! Small problem!
Jeremy Bentham Admin
jeremyadmin at anemone.mooo.com
Thu Nov 6 14:50:34 GMT 2014
On Wed, Nov 05, 2014 at 09:26:11PM +0000, lists at notatla.org.uk wrote:
>
>> I just want to point out that a self-signed certificate is not invalid
>> per se. It is just not signed by a recognized X.509 certificate authority.
>
>Provided we post certs with guidance on how to use them with common cert
>stores I think we will have done what's necessary.
We should also point out that using http (and not https) leaves the user
vulnerable to MITM attacks when downloading keys/stats from a pinger.
They have no idea whether what they received is authentic or not.
--
Jeremy Bentham Remailer Admin
Key fingerprint = D7DE B0DF E6F9 9256 A070 B841 1942 840B 8743 B6B5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.mixmin.net/pipermail/remops/attachments/20141106/6f2e3689/attachment.sig>
More information about the Remops
mailing list