Re: pkg_add and TLS

To: Benny Siegert <bsiegert%gmail.com@localhost>
Subject: Re: pkg_add and TLS
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Sun, 2 Jul 2017 15:29:14 +0200

On Sun, Jul 02, 2017 at 02:06:50PM +0100, Benny Siegert wrote:
> > Given that NetBSD ships with no CA roots, I never bothered to add the
> > necessary verification. It would have been more harmful.
> 
> I disagree that it would have been more harmful, as long as cert
> verification is skipped when no certificates are present. Using HTTPS
> with no way to verify certificates is a bad idea.

I quite disagree. Failing to do certification verification in some
situations is certainly far more harmful.

Joerg

Follow-Ups:
- Re: pkg_add and TLS
  - From: Emmanuel Dreyfus
- Re: pkg_add and TLS
  - From: Benny Siegert

References:
- pkg_add and TLS
  - From: Emmanuel Dreyfus
- Re: pkg_add and TLS
  - From: Joerg Sonnenberger
- Re: pkg_add and TLS
  - From: Benny Siegert

Prev by Date: daily pkgsrc CVS update output
Next by Date: Re: pkg_add and TLS
Previous by Thread: Re: pkg_add and TLS
Next by Thread: Re: pkg_add and TLS
Indexes:

Home | Main Index | Thread Index | Old Index