[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: 0.29.0 - PKCS12 Certificates Only?

From: Brian Mathis <bmathis_at_directedge.com>
Date: 2003-09-08 23:00:26 CEST

Mukund wrote:
> On Mon, Sep 08, 2003 at 03:33:36PM -0500, Doug Dicks wrote:
>>I can get around this by adding "ssl-ignore-unknown-ca = true" to my
>>servers file, but would like to avoid this if possible.
> Please avoid it, or you will defeat the very objective of using SSL/TLS.

Well, not the *very* objective, but one of them. You'll still get
encrypted traffic on the wire. Yes, a man in the middle attack is still
possible, but that takes much more effort than simply setting up tcpdump.

Brian Mathis
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Sep 8 23:02:06 2003

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.