On 09/08/2017 17:44, Ted Lemon wrote:
> Of course, the real answer to this is that neither solution is
> desirable. I've heard several people here say that if localhost were
> "fixed" in an RFC, then the W3C could mark http connections to localhost
> as secure, rather than insecure. This is of course nonsense. The
> fact is that you should always validate the endpoint you are connecting
> to using some secure protocol. With a unix domain socket, you can pass
> credentials over the socket. With a TCP or UDP connection, you can't
> do that, so you need to use cryptography.
Speaking of which, MySQL uses the word "localhost" as a switch to use a
UNIX domain socket instead of IP for its connection.
Just sayin' ;)
DNSOP mailing list