Tom Glod wrote:
> On Fri, Jan 29, 2021 at 1:09 AM Richard Gaskin wrote:
>> The main benefit of encrypted sockets is to mitigate man-in-the-
>> middle attacks.
>> If you have a man in the middle of processes on a local computer that
>> isn't you, it would seem you have bigger concerns. ;)
> Hi Richard...the man in the middle attack is exactly the thing I was
> thinking of.
It seems I didn't write clearly.
With localHost the man in the middle is you, or someone else with
physical access to your computer (which is more or less the same thing).
Given the old adage that physical access = root, I'm unable to think of
a scenario in which encrypting localhost sockets is beneficial. Am I
overlooking something? I'm no CISSP, so I may well be.
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription