
On Sun, Oct 28, 2012 at 04:26:07PM +0100, Changaco wrote:
On Sun, 28 Oct 2012 14:45:02 +0100 Iustin Pop wrote:
Kindly disagree here. Ensuring that packages are downloaded safely/correctly without MITM attacks is also important. Even if as an option.
HTTPS doesn't fully protect against a MITM since there is no shared secret between client and server prior to the connection.
The MITM can use a self-signed certificate, or possibly a certificate signed by a compromised CA.
Sure, but I was talking about a proper certificate signed by a well-known registrar, at which point the https client would default to verify the signature against the system certificate store. Yes, I'm fully aware that this is not fully safe, but I hope you agree that https with a proper certificate is much better than plain http. regards, iustin