On Mon, Dec 13, 2021 at 8:25 PM Tim via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
On Mon, 2021-12-13 at 12:45 -0700, Greg Woods wrote:
While it can do what you want, it is subverting the purpose of HTTPS.
I'm not sure anyone should support a technique that hides an insecure
connection behind a faked secure one.
I would dispute that. In my case, caddy runs on an internet-accessible server, but the actual web server is behind two firewalls. The unencrypted connection is entirely behind at least one firewall, and if someone manages to gain access to the inside of that firewall, then the game is already over. I don't think I'd recommend this for enterprise setups, as there are too many potential threats already behind the firewall (can you really trust every single one of your employees?) But for a home setup where the only authorized users are my wife and myself, I think it's sufficiently secure. But everyone will have to judge that for themselves.
--Greg
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
