all good, but there are two questions: [0] what should the warning be?
[1] what is a good way to deal with an installation that has not changed the passphrase? I don't think "moniker" as a default is a good choice. I think you should be as worried about attack vectors now as about attack vectors with changes. but I think there is a clear *best* way to deal with this. Abort startup with a large error note and specific instruction if the domain is not localhost. regards, /iaw -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
