by perennialmind 2635 days ago
I don't know why back-to-back SSL proxies were never afforded an officially sanctioned mechanism for explicitly delegating trust. The alternative is this "I know you're lying, but I love you too much to leave you" mentality.

If you're asking package managers to facilitate such a morally compromised relationship, your best bet is to make user intent explicit and circumscribed. One way to signal that intent might be to adopt a trust-on-first-use approach:

  > rustup --detect-mitm
  MITM thumbprint: 567d3e4c...
  > rustup --permit-mitm=567d3e4c...

Not that that would be easy to do, mind you.
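
An added example, not part of the comment above and not rustup's code (`--detect-mitm` and `--permit-mitm` are the commenter's hypothetical flags): a Python sketch of the trust-on-first-use check the comment proposes. The `MitmPolicy` class, the idea that the client ships a set of expected issuer thumbprints, and the placeholder certificate bytes are all assumptions made for illustration.

```python
import hashlib

def thumbprint(cert_der: bytes) -> str:
    """SHA-256 thumbprint of a certificate's DER encoding, lowercase hex."""
    return hashlib.sha256(cert_der).hexdigest()

class MitmPolicy:
    """Hypothetical trust-on-first-use policy for an intercepting proxy CA."""
    def __init__(self, expected_issuers):
        # Thumbprints of issuers the client expects when nobody is intercepting.
        self.expected = set(expected_issuers)
        # Thumbprints the user has explicitly permitted (the --permit-mitm step).
        self.permitted = set()

    def permit(self, full_thumbprint: str) -> None:
        # Full 64-hex-digit value only: prefix matching would extend consent to other CAs.
        value = full_thumbprint.lower()
        if len(value) != 64 or any(c not in "0123456789abcdef" for c in value):
            raise ValueError("expected a full SHA-256 thumbprint")
        self.permitted.add(value)

    def evaluate(self, issuer_der: bytes):
        """Return (verdict, thumbprint) for the issuer seen on this connection."""
        seen = thumbprint(issuer_der)
        if seen in self.expected:
            return "direct", seen
        if seen in self.permitted:
            return "permitted-mitm", seen
        # Unknown issuer: refuse and report, so the user can decide explicitly.
        return "refuse", seen

# Constructed sample data: placeholder byte strings stand in for DER certificates.
UPSTREAM_CA = b"constructed: public CA certificate"
PROXY_CA = b"constructed: corporate proxy CA certificate"
ROTATED_PROXY_CA = b"constructed: proxy CA after re-key"

def demo():
    policy = MitmPolicy({thumbprint(UPSTREAM_CA)})
    first = policy.evaluate(PROXY_CA)          # detection step
    policy.permit(first[1])                    # explicit user consent
    return [
        policy.evaluate(UPSTREAM_CA)[0],
        first[0],
        policy.evaluate(PROXY_CA)[0],
        policy.evaluate(ROTATED_PROXY_CA)[0],  # consent does not carry over
    ]

if __name__ == "__main__":
    print(demo())
```

The last verdict is the circumscribed part: consent is bound to one thumbprint, so a re-keyed or different interception CA is refused until the user permits it again.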