self-signed certificates (was Re: I'd like to get rid of pulseaudio but ...)
Bruno Wolff III
bruno at wolff.to
Mon Jun 1 19:02:04 UTC 2009
On Sun, May 31, 2009 at 13:08:08 -0700,
"Wolfgang S. Rupprecht" <wolfgang.rupprecht+gnus200905 at gmail.com> wrote:
>
> As for the man-in-the-middle attack, I'd imagine the biggest usage case
> is an eavesdropped-in-the-middle and not someone that was able to break
> the data stream and insert themselves. Having an encrypted channel with
> a slightly nebulous endpoint is still better than having an unencrypted
> channel.
For average Joes, the most common problem is going to be that their machine
is compromized. Extra security of https over http for them is barely a
blip.
More information about the fedora-list
mailing list