* Martin Pitt (mp...@debian.org) wrote: > For the record, I don't agree. SSL certificate validation is good, and > should be done as long as you have a cert installed. Encryption > without authentication is not worth a lot, after all.
I disagree, and you *can* do authentication without SSL! The big one being Kerberos/GSSAPI which gives both server and client authentication. There's a big difference between man-in-the-middle attacks and passive network monitoring. Certainly, we should do validation where it's *possible* to do it, but I don't think we should throw out encryption just because we don't have a root cert available for use. If we don't have a certificate it's not possible to validate *anyone*. That's going to be the case for packagers and I just can't imagine asking them to ship a broken configuration. Thanks, Stephen
signature.asc
Description: Digital signature