> > I don't see any with priviledge seperation, nor any which could
> > plausibly be pledged.
>
> For months there wasn't anything other than the official client. After
> the service started operating and showed itself to not be vapourware
> people started writing their own, but obviously the
On 2016-05-10, Theo de Raadt wrote:
>> It's still relatively young and the clients are improving.
>
> I actually don't think they are improving.
>
> I don't see any with priviledge seperation, nor any which could
> plausibly be pledged.
For months there wasn't anything
> It's still relatively young and the clients are improving.
I actually don't think they are improving.
I don't see any with priviledge seperation, nor any which could
plausibly be pledged.
On Tue, 10 May 2016, Ingo Schwarze wrote:
> Hi Kristaps,
>
> Kristaps Dzonsons wrote on Tue, May 10, 2016 at 11:37:42AM +0200:
>
>> (1) download ... couldn't find ... didn't require bash
>> (2) aforementioned script in a cronjob
>> (2b) user to have access to
>> (3) doas rule
>>
On 2016-05-10, Ingo Schwarze wrote:
> Hi Kristaps,
>
> Kristaps Dzonsons wrote on Tue, May 10, 2016 at 11:37:42AM +0200:
>
>> (1) download ... couldn't find ... didn't require bash
>> (2) aforementioned script in a cronjob
>> (2b) user to have access to
>> (3) doas rule
>> (4)
Hi Kristaps,
Kristaps Dzonsons wrote on Tue, May 10, 2016 at 11:37:42AM +0200:
> (1) download ... couldn't find ... didn't require bash
> (2) aforementioned script in a cronjob
> (2b) user to have access to
> (3) doas rule
> (4) doas rule
> (5) [another?] script from a cronjob
You must be
>> (By the way, httpd(8) doesn't support SNI yet--what do you use a
>> web server? I found that apache2's chroot and https combo didn't
>> pass the "can I set this up in less than five minutes" sniff
>> test--I ended up using nginx.)
>
> OpenBSD httpd :) If you need to serve more than one
- Original Message -
> (By the way, httpd(8) doesn't support SNI yet--what do you use a web
> server? I found that apache2's chroot and https combo didn't pass the
> "can I set this up in less than five minutes" sniff test--I ended up
> using nginx.)
OpenBSD httpd :)
If you need to serve
> I dislike the idea.
>
> For one, it does not stop a MITM by itself.
>
> In addition, enforced encryption makes it hard to cache and/or use
> proper http proxies with the site.
>
> Purely informative sites don't need TLS. The user can opt to use TLS
> if he thinks the content he needs to read
9 matches
Mail list logo