On 20/11/20 16:52, W. Michael Petullo wrote:
> I think making use of self-signed certificates in production is a bad idea because (1) it reinforces poor practices, namely electing to trust a self-signed certificate, and (2) it does not authenticate the server/router, a critical piece of the TLS security model.
Maybe, but it's still better than sending all communication to the management interface as plain text.
> My point of view is that we should delay HTTPS-by-default until we have a scheme for establishing the identity of the router. Until then, we should be honest and make use of HTTP.
Nobody is working on that, and in most cases it's not really possible. You always have a point where the user has to make the call of trusting the device's ID or code or something.
-Alberto
