SSL not required for setup.exe download
Lee
ler762@gmail.com
Tue Mar 12 21:32:00 GMT 2019
On 3/12/19, Achim Gratz wrote:
> Lee writes:
>> I don't think it's a false sense of security. https:// isn't "safe"
>> but it is _safer_ than http://
>
> Unless you are in an environment where an extra root cert is injected
> just to be able to break up the encrypted connection. Which is a lot
> more common than people think and is not quite as easy to check for as
> some folks make it out.
Right - checking the web-site cert on every site gets old fast. Which
is why I liked the firefox cert patrol addon reminding me $WORK had
their "data loss protection" screening in action.
But even with the security office being able to snoop or modify every
one of my https:// connections, it's just the security office people,
so it still seems safer using tls than clear-text connections.
Regards,
Lee
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list