On Monday, February 4, 2013 at 7:20 AM, Donald Stufft wrote: > There can be more work in the future in making a reasonable > end to end validation story possible however there are a few > clear and easy wins especially with related to getting a real > trusted SSL certificate paid for and installed and enforcing > SSL.
I should probably note that both SSL and DNSSEC are steps taken by Crate.io to prevent MITM. Crate went so far as to contact Chrome and get crate.io added to the HSTS preload list in Chrome so that in Chrome it's impossible to ever access Crate w/o a valid SSL certificate.
_______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
