Re: [dev] Allow secure access to Web site suckless.org
are you claiming Let's Encrypt is trustworthy?!
On 8/3/16, FRIGN <dev_AT_frign.de> wrote:
> On Wed, 03 Aug 2016 12:18:52 +0200
> Christoph Lohmann <20h_AT_r-36.net> wrote:
>
> Hey Christoph,
>
>> HTTPS is not really secure. Do you really trust any CA? How many CA
>> peo‐ ple have you met in your life and really trust them?
>
> there's always Let's Encrypt, but I know what you mean. Masquerading
> still seems to be an issue.
> However, what I think what Paul means is general surveillance. Even if
> you use self-signed certificates on your server, which provide 0
> guarantee that the server you are contacting really is the "right" one,
> it still means the traffic itself is encrypted, with all benefits of it.
>
>> If you would contribute, you would have SSH access. A onion
>> service might be a consideration, to add something similar to
>> »security« as an access method for suckless.org.
>
> Yes, an onion service would be really cool.
>
> Cheers
>
> FRIGN
>
> --
> FRIGN <dev_AT_frign.de>
>
>
Received on Wed Aug 03 2016 - 13:10:06 CEST
This archive was generated by hypermail 2.3.0
: Wed Aug 03 2016 - 13:12:24 CEST