Re: [dev] Allow secure access to Web site suckless.org

From: FRIGN <dev_AT_frign.de>
Date: Wed, 3 Aug 2016 13:00:58 +0200

On Wed, 03 Aug 2016 12:18:52 +0200
Christoph Lohmann <20h_AT_r-36.net> wrote:

Hey Christoph,

> HTTPS is not really secure. Do you really trust any CA? How many CA
> peo‐ ple have you met in your life and really trust them?

there's always Let's Encrypt, but I know what you mean. Masquerading
still seems to be an issue.
However, what I think what Paul means is general surveillance. Even if
you use self-signed certificates on your server, which provide 0
guarantee that the server you are contacting really is the "right" one,
it still means the traffic itself is encrypted, with all benefits of it.

> If you would contribute, you would have SSH access. A onion
> service might be a consideration, to add something similar to
> »security« as an access method for suckless.org.

Yes, an onion service would be really cool.

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Wed Aug 03 2016 - 13:00:58 CEST

This archive was generated by hypermail 2.3.0 : Wed Aug 03 2016 - 13:12:18 CEST