|
|
|
|
|
|
by mpyne
4387 days ago
|
|
|
I didn't get the impression jerf was arguing for perfect security, as much that they were saying that securing only against a passive attacker is as useful for the user as not using TLS at all. Selecting a threat model is all well and good, but if you select an artificially easy threat model to defend against then you're not really helping users (in this case, helping them against random evil ISPs?) |
|
|