Re: [dev] Allow secure access to Web site

From: FRIGN <>
Date: Wed, 3 Aug 2016 13:00:58 +0200

On Wed, 03 Aug 2016 12:18:52 +0200
Christoph Lohmann <> wrote:

Hey Christoph,

> HTTPS is not really secure. Do you really trust any CA? How many CA
> peo‐ ple have you met in your life and really trust them?

there's always Let's Encrypt, but I know what you mean. Masquerading
still seems to be an issue.
However, what I think what Paul means is general surveillance. Even if
you use self-signed certificates on your server, which provide 0
guarantee that the server you are contacting really is the "right" one,
it still means the traffic itself is encrypted, with all benefits of it.

> If you would contribute, you would have SSH access. A onion
> service might be a consideration, to add something similar to
> »security« as an access method for

Yes, an onion service would be really cool.



Received on Wed Aug 03 2016 - 13:00:58 CEST

This archive was generated by hypermail 2.3.0 : Wed Aug 03 2016 - 13:12:18 CEST