tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: pkg_add and TLS



On Sun, Jul 02, 2017 at 02:06:50PM +0100, Benny Siegert wrote:
> > Given that NetBSD ships with no CA roots, I never bothered to add the
> > necessary verification. It would have been more harmful.
> 
> I disagree that it would have been more harmful, as long as cert
> verification is skipped when no certificates are present. Using HTTPS
> with no way to verify certificates is a bad idea.

I quite disagree. Failing to do certification verification in some
situations is certainly far more harmful.

Joerg


Home | Main Index | Thread Index | Old Index