Mark Felder wrote this message on Thu, Jul 03, 2014 at 14:16 +0000:
> There is always going to be skepticism about who to trust by default. The CA
> system is out of control and it worries me as well. However, if we do not
> make an effort to provide a default trust store, why do we enforce
> verification by default? I feel it would be more consistent to disable
> verification, requiring those who know what they're doing to create their own
> trust store and pass --verify-peer to fetch manually. I'm on the verge of
> breaking my keyboard every time I jump onto a random FreeBSD server and try
> to fetch something over https.
>
> --no-verify-peer is now muscle memory; that isn't a good sign. I eagerly
> await verification through DNSSEC to take off.

Maybe an interesting compromise, if there is no symlink/root of
trust cert(s), is to issue a warning, but go ahead anyways as if
--no-verify-peer is specified? That is assuming we don't install one
by default...

I normally use wget, which has the same issue, so I usually spell it
--no-check-certificate...

--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."