On Monday, August 10, 2015 at 7:10:43 PM UTC+2, mmarco wrote: > > What I meant is that it doesn't make any sense to show a scary warning in > the case of "encrypted but not verified" pages, but don't show any warning > in the case of "neither encrypted nor verified" plain http pages. The > second is strictly less secure than the first...
The former is a tell-tale sign of a MITM attack, the latter is just how http usually works. -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at http://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/d/optout.