User talk:Indigo

From ArchWiki
Jump to navigation Jump to search

Feel free to leave comments about my wiki edits or other points of interest. Please note I have changed preferences so that the account does not automatically watch articles I edit. --Indigo (talk) 23:31, 1 August 2015 (UTC)

Comments

TLS

Trust is not arbitrary. You trust the CAs you have on your system, and the people controlling those CA can do almost anything regarding MITM. Archange (talk) 10:49, 12 December 2018 (UTC)

Thanks for your comment referring to [1], though I am not sure what you imply. My main reason to call it 'arbitrary' for CA certificates is that concepts underlying gpg directly refer to 'trust' as configurable parameters. So, its usage for a CA certificate is mixing apples and pears to me. Do you prefer the previous version, because it addresses the reader directly with a presumption about which certificates are trusted? Or something else? -- Indigo (talk) 19:43, 12 December 2018 (UTC)
I don’t know either what I would prefer actually. The CA world is a bit shady, what I for sure would prefer is ODNS+DNSSEC+DANE everywhere. ;) Archange (talk) 19:50, 12 December 2018 (UTC)
Ok. Well, on the other hand TLS is a protocol and a lot is relying on it.. Let me share a blog post that I found inpiring on topic. If you don't know it, you will like it. I close this, you're welcome to reopen. Cheers. -- Indigo (talk) 20:46, 12 December 2018 (UTC)