Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] SSH Issues
- Date: Tue, 25 Nov 2008 14:05:16 +0900
- From: Edward Middleton <emiddleton@example.com>
- Subject: Re: [tlug] SSH Issues
- References: <871vx9o5b1.fsf@xemacs.org> <20081118112601.GC2893@smtp.office.cynic.net> <87y6zgmr1o.fsf@xemacs.org> <20081121111614.GA26444@lucky.cynic.net> <87abbtkxlo.fsf@xemacs.org> <20081124014523.GH17040@lucky.cynic.net> <87prklk32w.fsf@xemacs.org> <87myfpk1jh.fsf@xemacs.org> <20081124114512.GF25364@smtp.office.cynic.net> <87iqqdjeae.fsf@xemacs.org> <20081124234132.GD10406@lucky.cynic.net> <877i6sjx26.fsf@xemacs.org>
- User-agent: Thunderbird 2.0.0.17 (X11/20080929)
Stephen J. Turnbull wrote: > Curt Sampson writes: > > Stephen J. Turnbull wrote: > > > > > But no, HTTPS is *not* analogous to DNSSEC. It serves many purposes > > > without need of authentication or prior communication of any kind. > > > > No, it does not serve those purposes, though there's a very common > > illusion out there that it does. There are MITM attacks in the wild > > based around exactly the common idea that you still have encryption > > without authentication. > > So what? I mentioned how those attacks work in my reply to the OP, > and obviously they apply to HTTPS, too. I didn't say HTTPS with > self-cert works for *all* purposes (for example, my bank had better > authenticate as well as encrypt). But I really don't worry that > somebody's going to go to that much trouble to borrow my Slashdot > password and post derogatory comments about you or President-elect > Obama. I guess the question is whether it is worth using SSL at all in situations where self signed certificates are used. If you considering that a standard SSL certificate cost about $20 a year, and just running SSL requires significantly more system resources the benefits of running a non-authenticated server seem pretty minimal. Edward
- Follow-Ups:
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- References:
- [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- Re: [tlug] SSH Issues
- From: Curt Sampson
- Re: [tlug] SSH Issues
- From: Stephen J. Turnbull
- [tlug] SSH Issues
- Prev by Date: Re: [tlug] SSH Issues
- Next by Date: Re: [tlug] Looking for a distribution to replace Ubuntu
- Previous by thread: Re: [tlug] SSH Issues
- Next by thread: Re: [tlug] SSH Issues
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |