On Wed, 2021-04-14 at 12:50 +0200, Ludovic Courtès wrote: > [...] > > > We could also add a ‘--no-check-certificates’ option to ‘guix pull’. > > > > I think we should avoid adding "use insecure connection" options. Even > > if the code itself is signed. > > “Insecure” is a strong word: it still prevents eavesdropping, which is > the only property that matters in the presence of authenticated > channels.
Maybe call the option '--tolerate-eavesdropping' then? That name: * is technically correct * doesn't suggest the option is "Insecure" * but still sounds like something you don't want * should be clear to people not knowing about TLS' PKI infrastructure, ‘will eventually’™ be replaced with GNS + <insert GNUnet protocol here> or something like that, which wouldn't use such a centralised structure. Thoughts? Maxime.
signature.asc
Description: This is a digitally signed message part
