Mark Felder <[email protected]> writes: > Dag-Erling Smørgrav <[email protected]> writes: > > Daniel Feenberg <[email protected]> writes: > > > Is there a reason to encrypt something that is completely public? > > Watering hole attacks. > Watering hole attack describes the *site* being compromised because it's > popular and you know the target(s) will go there. HTTPS is irrelevant.
...or a MITM attack on a site that is popular with your target demographic. Then again, if you have the means to mount a MITM attack you probably have the means to get a valid certificate. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
