HTTPS redirects to HTTP for monitoring

William Herrin bill at herrin.us
Tue Jan 20 15:07:01 UTC 2015


On Tue, Jan 20, 2015 at 5:23 AM, Tim Franklin <tim at pelican.org> wrote:
> I'd still very much *want* the organization to tell the users
> that the internal IT people are breaking their SSL, so
> please not to have any expectation that security is doing
> what you think it is.

Blame it on the browser devs. They tell users the -wrong- things about
security. Silent about totally unencrypted traffic. Silent about
Sysadmin-installed certs. Noisy with dire warnings about anyone who
wants better than unencrypted without whole-hog signed certs. And God
help you if you train your users to just click "confirm exception."

Regards,
Bill Herrin


-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
May I solve your unusual networking challenges?



More information about the NANOG mailing list