Josh Triplett <j...@joshtriplett.org> writes: > https:// avoids MITM;
If you aren't doing certificate pinning, I don't think you can really say this with a straight face. It makes MITM moderately harder, at the cost of giving money to a bunch of exploitative clowns who have no concept of what security means. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87pp5l5l8p....@hope.eyrie.org