X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type; q=dns; s=default; b=pno3j
	+PrqKQX+z4Cj++ZVZaTZaJJXp8+5cvoRA7FqdDLhk7Qh6WaTJGIM/eTXhafS0Tpw
	H60r7scAZp2jU6zif2PEptljLyg+GKfY28mFihWoqqsUM6FtufeFl7m7+2oSM1xG
	LHhRxxJ7Qx0fGMucpuYLrvX3/NSbCaW/wAKxOI=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type; s=default; bh=nZC06EIz7VX
	VHOY6r6BIY/4qrgA=; b=d3lVJKM4oHuW0rVF2p43LjKixtN37KZRb6TGLRZKTiH
	EPnASDOFgXxGDIwzLyRnJ6Y7zMV2hzXSbcpYF2nPFQqS0264STC+ySRKjq+Vgh3L
	smivHuQ5L6mVaE94bsR4gXmQWr/aaE+Nd+tYU72nAo/MRt2I9TA7dQT8pPRE1O4Y
	=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.1 spammy=HX-Languages-Length:601, HX-Spam-Relays-External:ESMTPA
X-HELO: vsmx012.vodafonemail.xion.oxcs.net
From: Achim Gratz <Stromeko AT nexgo DOT de>
To: cygwin AT cygwin DOT com
Subject: Re: SSL not required for setup.exe download
References: <CANSoFxtW0Jb1M5KfkFGGOxec_D8ysyYCrnk_PXWjHobLDXZauQ AT mail DOT gmail DOT com>	<1a840c2e-55ac-0ab4-66c4-a1f6a2c4f81a AT Shaw DOT ca>	<CANSoFxtA0vnF1adx4rwyjuMasrVAOGb8hT_Uct-wSdcazj252w AT mail DOT gmail DOT com>	<41f12842-ea43-ff63-a660-26ee3b497c63 AT SystematicSw DOT ab DOT ca>	<CANSoFxtLzGgcOhrsu4h0eXXnpezB6v17cGwOrqy6SjSvJ__gLA AT mail DOT gmail DOT com>	<1b570593-0ec7-0890-26ef-7e7468534f47 AT SystematicSw DOT ab DOT ca>	<CANSoFxsq+5OfRH7RF3QdpMSJU-4JAKSCZM-rUUysP5Y3myR0+Q AT mail DOT gmail DOT com>	<1406950005 DOT 20190312031618 AT yandex DOT ru>	<CAD8GWsv=R+G5P9_fNvMvC1+txqPELr=5s3R38jiPyCUj0AcTFg AT mail DOT gmail DOT com>
Date: Tue, 12 Mar 2019 21:42:00 +0100
In-Reply-To: <CAD8GWsv=R+G5P9_fNvMvC1+txqPELr=5s3R38jiPyCUj0AcTFg@mail.gmail.com>	(Lee's message of "Tue, 12 Mar 2019 15:45:47 -0400")
Message-ID: <87imwn3jvr.fsf@Rainer.invalid>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain

Lee writes:
> I don't think it's a false sense of security.  https:// isn't "safe"
> but it is _safer_ than http://

Unless you are in an environment where an extra root cert is injected
just to be able to break up the encrypted connection.  Which is a lot
more common than people think and is not quite as easy to check for as
some folks make it out.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Factory and User Sound Singles for Waldorf Q+, Q and microQ:
http://Synth.Stromeko.net/Downloads.html#WaldorfSounds

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple