> On Mar 4, 2021, at 18:36, Drew DeVault <sir at cmpwn.com> wrote: > > The server generates a certificate and it just works. This is much easier. True. Especially because no one verifies the resulting certificate at all. Easy-peasy indeed. Actually, one could not bother at all as there is no chain of trust to speak of. Even easier. What's the point? Honest question. What's the [threat|trust|usage] model? https://en.wikipedia.org/wiki/Threat_model ?0?
---
Previous in thread (5 of 47): 🗣️ Bradley D. Thornton (Bradley (a) NorthTech.US)
Next in thread (7 of 47): 🗣️ Drew DeVault (sir (a) cmpwn.com)