In article <[EMAIL PROTECTED]>, David L. Mills <[EMAIL PROTECTED]> wrote:
> my problem. I don't log into anywhere with name and password unless > requested by an official employer or govenment organization. And in that circumstance, one shouldn't login to a site with a self signed certificate unless you have already been provided with a copy of the certificate over a properly authenticated channel. At the moment, if I were to give a user and password, which I'm reluctant to do when there is no need (I hate (B2C) commercial sites that force you to register before they will give you full access to product information or pricing), I would have to assume that I was giving it to a man in the middle attacker, and thus use throwaway values for both. _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
