From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <1546074888.4118289.1620520664.58F55477@webmail.messagingengine.com> References: <490F1740-354F-4024-827C-C42546EFCB53@quintile.net> <1546074888.4118289.1620520664.58F55477@webmail.messagingengine.com> From: Lucio De Re Date: Sat, 29 Dec 2018 11:30:32 +0200 Message-ID: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset="UTF-8" Subject: Re: [9fans] sources down Topicbox-Message-UUID: f10d6690-ead9-11e9-9d60-3106f5b1d025 On 12/29/18, Ethan Gardener wrote: > On Sat, Dec 29, 2018, at 3:58 AM, Lucio De Re wrote: >> Personally, I think HTTPS is overrated, or has just made itself >> overrated. > > I've heard from multiple sources that this kind of single-ended > authorization isn't worth much, but I'm not so sure. My current ISP > re-encrypts all data from imgur with their own certificate, which means I > know the connection is being interfered with. > I like to think that I'm as sharp a security specialist as I'm likely to encounter, despite living in a bit of a backwater. My ISP (one of, thankfully) managed to arrange a certified X.509 certificate for a domain I have absolute control over. Since then, the web site has had its ups and down, last of which (I really can't raise enough anger to take them on) they won't let me install the certificate myself: it needs root privileges and they won't grant them to a user. Thing is, the web site has no need whatever for user security, we hold no private information, Lucio. PS: That was a bit O.T. But I bet I could run the site on a Plan 9 server...