useNoSSLForPackages and other badly-conceived options (notice non-hijacked thread!)
Pekka Savola
pekkas at netcore.fi
Sat Sep 27 13:36:08 UTC 2003
On Sat, 27 Sep 2003, Barry K. Nathan wrote:
[...]
> Besides, SSL provides real security. For instance, the fact that SSL is
> enabled by default was a good defense against this hole:
> https://rhn.redhat.com/errata/RHSA-2003-255.html
Note that SSL is just a tool. It depends heavily either on Certificate
Authorities to do their job properly, or "opportunistic" self-signed
certificate exchange working. It gives close to zero protection if you
connect to a HTTPS site X for the first time, and you don't have any
reference to the certificate the site X is using.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
More information about the fedora-list
mailing list