Re: [dev] Allow secure access to Web site suckless.org

From: hiro <23hiro_AT_gmail.com>
Date: Wed, 3 Aug 2016 13:10:06 +0200

are you claiming Let's Encrypt is trustworthy?!

On 8/3/16, FRIGN <dev_AT_frign.de> wrote:
> On Wed, 03 Aug 2016 12:18:52 +0200
> Christoph Lohmann <20h_AT_r-36.net> wrote:
>
> Hey Christoph,
>
>> HTTPS is not really secure. Do you really trust any CA? How many CA
>> peo‐ ple have you met in your life and really trust them?
>
> there's always Let's Encrypt, but I know what you mean. Masquerading
> still seems to be an issue.
> However, what I think what Paul means is general surveillance. Even if
> you use self-signed certificates on your server, which provide 0
> guarantee that the server you are contacting really is the "right" one,
> it still means the traffic itself is encrypted, with all benefits of it.
>
>> If you would contribute, you would have SSH access. A onion
>> service might be a consideration, to add something similar to
>> »security« as an access method for suckless.org.
>
> Yes, an onion service would be really cool.
>
> Cheers
>
> FRIGN
>
> --
> FRIGN <dev_AT_frign.de>
>
>
Received on Wed Aug 03 2016 - 13:10:06 CEST

This archive was generated by hypermail 2.3.0 : Wed Aug 03 2016 - 13:12:24 CEST