| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Mar 24 10:33:10 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Secure HTTP On Fri, 24 Mar 2006 11:58:35 +0200, Q Beukes said: > i just dont want our clear text http traffic to be sniffed > which has been a know problem on our network a few times. If the text is something that you give a flying fsck in a rolling donut about the sniffability, it shouldn't be clear text http. Do the frikking SSL correctly on port 443 like the RFCs intend rather than cooking up some half-assed proxy scheme to work around it. <insert standard "if I had a nickle for every time somebody proposed a partial solution for the wrong part of the problem instead of doing it in the well-understood correct way in the first place, I'd be long since retired" speech here....> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060324/5b9c5c9e/attachment.bin
Powered by blists - more mailing lists