Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #91162

Re: Ah Python, you have spoiled me for all other languages

Path csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path <ian.g.kelly@gmail.com>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.065
X-Spam-Evidence '*H*': 0.87; '*S*': 0.00; 'subject:Python': 0.05; 'upgraded': 0.05; 'accepted,': 0.09; 'attack.': 0.09; '23,': 0.16; 'certificate,': 0.16; 'check?': 0.16; 'notifies': 0.16; 'nowadays': 0.16; 'wifi,': 0.16; 'wrote:': 0.16; 'case.': 0.18; 'library,': 0.18; '>>>': 0.20; 'provided,': 0.22; 'am,': 0.23; '2015': 0.23; 'sat,': 0.23; 'header:In-Reply-To:1': 0.24; 'previously': 0.24; 'recognized': 0.24; 'thus': 0.24; 'tim': 0.24; 'signed': 0.24; 'chris': 0.26; 'message-id:@mail.gmail.com': 0.28; 'initial': 0.29; 'chase': 0.29; 'hacker': 0.29; 'subject:other': 0.29; 'talked': 0.29; 'connection': 0.30; 'too.': 0.30; 'convention': 0.31; 'minimal': 0.31; 'you?': 0.32; 'subject:all': 0.32; 'michael': 0.33; 'suddenly': 0.33; 'received:google.com': 0.34; 'to:addr:python-list': 0.35; 'attempt': 0.35; 'fail': 0.35; 'but': 0.36; 'being': 0.36; 'except': 0.36; 'possible': 0.36; 'should': 0.37; 'subject:: ': 0.37; 'signature': 0.37; "won't": 0.38; 'say': 0.38; 'means': 0.39; 'pm,': 0.39; 'to:addr:python.org': 0.39; 'where': 0.40; 'why': 0.40; 'some': 0.40; 'your': 0.60; 'determine': 0.61; 'valuable': 0.61; 'confirm': 0.61; "you'll": 0.61; "you've": 0.61; 'skip:u 10': 0.62; 'notified': 0.62; 'visit': 0.64; 'contact': 0.66; 'laptop': 0.67; 'talking': 0.67; 'home': 0.67; 'hesitate': 0.69; 'benefit': 0.70; 'worth': 0.73; 'subject:have': 0.80; 'hostile': 0.84; 'to:name:python': 0.84; 'subject:you': 0.88
DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=Sto5MtV4kROI79cxm40+g7a7sw8IX0PZ/GZ37S/bbl8=; b=BaFdoXtjw1w+Y/+/tXwhRyu6k8UyhlhmRrpnqbtL7hshJY/5vV7zOQ1ksNGQZ2g8c/ E+4TGo6UZryTxI/vCBAnWbgHDFgJaUpoF5U2xJ5raBuoVS44kShiXN8hCgTKuOMoDF7F LgSj7ixqllL5698g++XMKdIFYIa0wnr17iljMUfGLl19RiRoOlkV7u/zgw2fNQk3EKAS rPcBK1npjQqcgoXhaHzfUMhrmqdEylToplM+DZ63hbOl+fgHuFO3XAFnqHHRdAswOqB0 V0yQZcGQq9TNRGFdVYbGxkf5E4YWzVOBcbjbk8qwRdXsr+ss18LemIoXM26mpWadcS6Y Hx4w==
X-Received by 10.43.104.69 with SMTP id dl5mr18318436icc.94.1432452183799; Sun, 24 May 2015 00:23:03 -0700 (PDT)
MIME-Version 1.0
In-Reply-To <55613E08.70707@gmail.com>
References <555f440a$0$12990$c3e8da3$5496439d@news.astraweb.com> <mailman.222.1432309028.17265.python-list@python.org> <555FA253.3020304@tundraware.com> <mjomke$saf$1@ger.gmane.org> <555FF482.8020007@gmail.com> <CALwzidkxFMpWc2miioN_L2mCPE6WFuHC_=HQX3vAmLL_KqqDRw@mail.gmail.com> <mailman.257.1432355416.17265.python-list@python.org> <slrnmm0o3c.864.jon+usenet@frosty.unequivocal.co.uk> <20150523063424.34308765@bigbox.christie.dr> <CAPTjJmp4P_ojbUpwgO_xtY9Do6X6p6oV25TNgKzrRnZ3sZ0xpw@mail.gmail.com> <55613E08.70707@gmail.com>
From Ian Kelly <ian.g.kelly@gmail.com>
Date Sun, 24 May 2015 01:22:23 -0600
Subject Re: Ah Python, you have spoiled me for all other languages
To Python <python-list@python.org>
Content-Type text/plain; charset=UTF-8
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.20+
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list/>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.7.1432452192.5151.python-list@python.org> (permalink)
Lines 30
NNTP-Posting-Host 2001:888:2000:d::a6
X-Trace 1432452192 news.xs4all.nl 2958 [2001:888:2000:d::a6]:42842
X-Complaints-To abuse@xs4all.nl
Xref csiph.com comp.lang.python:91162

Show key headers only | View raw

On Sat, May 23, 2015 at 8:57 PM, Michael Torrie <torriem@gmail.com> wrote:
> On 05/23/2015 05:40 AM, Chris Angelico wrote:
>> On Sat, May 23, 2015 at 9:34 PM, Tim Chase
>> <python.list@tim.thechases.com> wrote:
>>> A self-signed certificate may be of minimal worth the *first* time you
>>> visit a site, but if you return to the site, that initial
>>> certificate's signature can be used to confirm that you're talking to
>>> the same site you talked to previously.  This is particularly
>>> valuable on a laptop where you make initial contact over a (I
>>> hesitate to say "more secure") less hostile connection through your
>>> home ISP.  Then, when you're out at the library, coffee-shop, or some
>>> hacker convention on their wifi, it's possible to determine whether
>>> you're securely connecting to the *same* site, or whether an attempt
>>> is being made to MitM because the cert changed.
>>
>> You can get the exact same benefit (knowing when the cert changes)
>> with an externally-signed cert too. How many people actually bother to
>> check?
>
> Except that you won't be notified automatically.  A MitM attack nowadays
> most often uses a valid certificate signed by a recognized (though
> untrustworthy) CA.  Thus with a self-signed cert that you've previously
> accepted, you'll immediate know of the MitM attack.

I fail to see how this is the case. If a new certificate is suddenly
provided, why should the status of the *previous* certificate have
anything to do with whether the browser automatically notifies you? A
change from a self-signed certificate to a CA certificate likely just
means that the site has upgraded its certificate, not that a MitM
attack is underway.

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-23 00:58 +1000
  Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 01:29 +1000
    Re: Ah Python, you have spoiled me for all other languages wxjmfauth@gmail.com - 2015-05-22 10:57 -0700
    Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-22 16:40 -0500
    Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-22 16:40 -0500
      Re: Ah Python, you have spoiled me for all other languages Terry Reedy <tjreedy@udel.edu> - 2015-05-22 21:54 -0400
        Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:12 -0500
        Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:12 -0500
          Re: Ah Python, you have spoiled me for all other languages Terry Reedy <tjreedy@udel.edu> - 2015-05-23 13:26 -0400
      Re: Ah Python, you have spoiled me for all other languages Michael Torrie <torriem@gmail.com> - 2015-05-22 21:31 -0600
        Re: Ah Python, you have spoiled me for all other languages Johannes Bauer <dfnsonfsduifb@gmx.de> - 2015-05-23 08:55 +0200
          Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:21 -0500
            Re: Ah Python, you have spoiled me for all other languages Johannes Bauer <dfnsonfsduifb@gmx.de> - 2015-05-23 15:24 +0200
              Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-23 20:05 +0300
                Re: Ah Python, you have spoiled me for all other languages Johannes Bauer <dfnsonfsduifb@gmx.de> - 2015-05-24 20:29 +0200
          Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-23 15:44 +0300
            Re: Ah Python, you have spoiled me for all other languages Johannes Bauer <dfnsonfsduifb@gmx.de> - 2015-05-23 15:17 +0200
            Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-24 00:00 +1000
              Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-23 19:53 +0300
                Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-24 03:41 +1000
                Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-23 22:02 +0300
                Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-24 20:26 +1000
                Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-24 18:26 +0300
                Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-25 01:35 +1000
                Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-25 09:57 +0300
                Re: Ah Python, you have spoiled me for all other languages Laura Creighton <lac@openend.se> - 2015-05-25 11:39 +0200
                Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-25 21:09 +1000
            Re: Ah Python, you have spoiled me for all other languages Michael Torrie <torriem@gmail.com> - 2015-05-23 21:00 -0600
              Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-24 11:23 +0300
      Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-22 22:10 -0600
      Re: Ah Python, you have spoiled me for all other languages amber <amber.of.luxor@gmail.com> - 2015-05-23 04:11 +0000
        Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:11 -0500
        Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:11 -0500
      Re: Ah Python, you have spoiled me for all other languages Ben Finney <ben+python@benfinney.id.au> - 2015-05-23 14:20 +1000
      Re: Ah Python, you have spoiled me for all other languages Michael Torrie <torriem@gmail.com> - 2015-05-22 22:30 -0600
        Re: Ah Python, you have spoiled me for all other languages Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2015-05-23 11:10 +0000
          Re: Ah Python, you have spoiled me for all other languages Tim Chase <python.list@tim.thechases.com> - 2015-05-23 06:34 -0500
          Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 21:40 +1000
          Re: Ah Python, you have spoiled me for all other languages Michael Torrie <torriem@gmail.com> - 2015-05-23 20:57 -0600
          Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-24 01:22 -0600
      Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-22 22:29 -0600
      Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-22 22:49 -0600
      Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 14:49 +1000
        Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-23 06:29 -0500
      Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 14:55 +1000
      Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 14:28 +1000
      Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 14:21 +1000
    Re: Ah Python, you have spoiled me for all other languages Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2015-05-23 14:33 +0200
      Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-23 23:01 +1000
        Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 23:12 +1000
          Re: Ah Python, you have spoiled me for all other languages wxjmfauth@gmail.com - 2015-05-23 23:37 -0700
        Re: Ah Python, you have spoiled me for all other languages Ned Batchelder <ned@nedbatchelder.com> - 2015-05-23 06:35 -0700
          Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-24 00:09 +1000
          Re: Ah Python, you have spoiled me for all other languages Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2015-06-07 10:21 +0200
            Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-06-07 21:42 +1000
              Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-06-07 22:08 +1000
                Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-06-07 23:24 +1000
                Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-06-08 00:47 +1000
              Re: Ah Python, you have spoiled me for all other languages random832@fastmail.us - 2015-06-07 10:58 -0400
                Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-06-08 02:28 +1000
  Re: Ah Python, you have spoiled me for all other languages Tony the Tiger <tony@tiger.invalid> - 2015-05-22 16:31 +0000
    Re: Ah Python, you have spoiled me for all other languages Mark Lawrence <breamoreboy@yahoo.co.uk> - 2015-05-22 17:57 +0100
    Re: Ah Python, you have spoiled me for all other languages Tim Daneliuk <tundra@tundraware.com> - 2015-05-22 16:41 -0500
      Re: Ah Python, you have spoiled me for all other languages Tony the Tiger <tony@tiger.invalid> - 2015-05-23 20:25 +0000
  Re: Ah Python, you have spoiled me for all other languages Grant Edwards <invalid@invalid.invalid> - 2015-05-22 17:47 +0000
    Re: Ah Python, you have spoiled me for all other languages Chris Angelico <rosuav@gmail.com> - 2015-05-23 04:11 +1000
    Re: Ah Python, you have spoiled me for all other languages mm0fmf <none@mailinator.com> - 2015-05-22 19:19 +0100
    Re: Ah Python, you have spoiled me for all other languages Laura Creighton <lac@openend.se> - 2015-05-22 21:14 +0200
      Re: Ah Python, you have spoiled me for all other languages Steven D'Aprano <steve@pearwood.info> - 2015-05-23 11:36 +1000
    Re: Ah Python, you have spoiled me for all other languages MRAB <python@mrabarnett.plus.com> - 2015-05-22 20:34 +0100
    Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-22 13:56 -0600
      Re: Ah Python, you have spoiled me for all other languages Marko Rauhamaa <marko@pacujo.net> - 2015-05-22 23:34 +0300
        Re: Ah Python, you have spoiled me for all other languages Tim Chase <python.list@tim.thechases.com> - 2015-05-22 15:55 -0500
        Re: Ah Python, you have spoiled me for all other languages Ethan Furman <ethan@stoneleaf.us> - 2015-05-22 14:15 -0700
        Re: Ah Python, you have spoiled me for all other languages Ian Kelly <ian.g.kelly@gmail.com> - 2015-05-22 15:20 -0600
  Re: Ah Python, you have spoiled me for all other languages Paul Rubin <no.email@nospam.invalid> - 2015-05-22 16:00 -0700
    Re: Ah Python, you have spoiled me for all other languages Michael Torrie <torriem@gmail.com> - 2015-05-22 21:33 -0600

csiph-web