X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; q=dns; s=default; b=NgysHdN OequnWwc7MfAd1I7LCwm7qrOKfgj1zOMti+tQneI9jJmsaWTtpnbXOdDF6loIX+E jDrnTH5HQSIxhxvCMcLkkRqBaWaZ8/hNm361zf7nBrlGpcF13LsszB+hsmiS9jqz vOvfcql/xrypIS86qCXUgOwlGw6TqPaMzcxU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; s=default; bh=gYxT2F2hnWsMW wVq0hMe7u7Hz+M=; b=p/MgbeY3aOZQ4iuKwsls5d7gCgWBa0h4JHSjNtQav53J0 8SxY5AjHprzGgveA+2WvauF+b5O88FsCflAKOZwnjtMueK1myMjVfktOQ8ixH7uT T3JujEV8Io+pDC91MzwIuPC4665+sU0u5RNiryAipGySLcRo/Pq8kOp6VdLPB8= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.6 required=5.0 tests=AWL,BAYES_00,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=no version=3.3.1 spammy=H*r:a0c, website, site, office X-HELO: mail-qt1-f171.google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=WSZvXRv1/VHztq4mdj+MJDBMC77GnAeQFx/jP6UXTCk=; b=itTiObChuReUt1afyJQReeG/1fnNxMOZfnYdO3iIq5QbNyOyAWxYj3ChRYff0ndAaV tASw0TqIZ15oio3l7p3E/EfvnK2ubfmHTwKiVli6euhGGZuQ5YT95y9vA56jpgl5WmW3 4F5UwX1TX3Xc9BbSVxST1xUDB1+uE7oi/O9V6bBVAmxjJGT50ociYtIJ84B29vFgLUGI MkY7KAAhDQfWJoZQnrfqOky4j50145ehfqzvhw5Wr8lkK/OE+3sZOL9Omo2hIDUbly5n tWWz6hTLVbW4TognnrCNkAjQuGmdf87QJ5Km6vRtpD3L+LuTMALMwc1wj+Ql8oXwBxXi hQdw== MIME-Version: 1.0 In-Reply-To: <87imwn3jvr.fsf@Rainer.invalid> References: <1a840c2e-55ac-0ab4-66c4-a1f6a2c4f81a AT Shaw DOT ca> <41f12842-ea43-ff63-a660-26ee3b497c63 AT SystematicSw DOT ab DOT ca> <1b570593-0ec7-0890-26ef-7e7468534f47 AT SystematicSw DOT ab DOT ca> <1406950005 DOT 20190312031618 AT yandex DOT ru> <87imwn3jvr DOT fsf AT Rainer DOT invalid> From: Lee Date: Tue, 12 Mar 2019 17:32:09 -0400 Message-ID: Subject: Re: SSL not required for setup.exe download To: cygwin AT cygwin DOT com Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes On 3/12/19, Achim Gratz wrote: > Lee writes: >> I don't think it's a false sense of security. https:// isn't "safe" >> but it is _safer_ than http:// > > Unless you are in an environment where an extra root cert is injected > just to be able to break up the encrypted connection. Which is a lot > more common than people think and is not quite as easy to check for as > some folks make it out. Right - checking the web-site cert on every site gets old fast. Which is why I liked the firefox cert patrol addon reminding me $WORK had their "data loss protection" screening in action. But even with the security office being able to snoop or modify every one of my https:// connections, it's just the security office people, so it still seems safer using tls than clear-text connections. Regards, Lee -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple