* Joe Abley wrote:
On 2013-11-05, at 18:21, ned+ietf(_at_)mauve(_dot_)mrochek(_dot_)com wrote:
not every tool out there supports https.
That seems like the kind of thing we want to change (security as an
afterthought vs. security as a fundamental requirement).
A typical problem I have is that I forgot to install Honest Achmed's
certificates and then tools refuse to work and they might not have an
option to ignore the problem. Cygwin tools for instance; apparently
the certificate bundle is not part of the base system. It is also
very very common that certificates are for the wrong hostnames or are
expired leading to tool failure. It can be very frustrating when the
remote host refuses to operate under plain 'http' in such cases.
--
Björn Höhrmann · mailto:bjoern(_at_)hoehrmann(_dot_)de ·
http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/