Re: NSURLConnection and self-signed certs?
Re: NSURLConnection and self-signed certs?
- Subject: Re: NSURLConnection and self-signed certs?
- From: Miro Jurišić <email@hidden>
- Date: Sun, 13 Jun 2004 22:05:40 -0400
I also realize that it is of course preferred to only access sites
with validly signed/trusted certificates, but a) in practice, we don't
always have that option with sites that are out there and b) even
without the valid cert, those sites still provide encryption of the
data in transit (yes?).
Yes, but that's not useful. Assume you are sending an important piece
of information to a specific recipient. You need to know that a. you
are talking to the right person and b. noone else can intercept the
data in transit. If you abandon certificate verification, you abandon
part a. -- which means that you could be transmitting the very
important data to _anyone whatsoever_.
meeroh
--
<
http://web.meeroh.org/> | KB1FMP
A: Because it reverses the logical flow of conversation.
Q: Why is top posting frowned upon?
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.