[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [bug #51666] Please hash the hostname in ~/.wget-hsts fil
|
From: |
Tim Rühsen |
|
Subject: |
Re: [Bug-wget] [bug #51666] Please hash the hostname in ~/.wget-hsts files |
|
Date: |
Fri, 18 Aug 2017 22:37:44 +0200 |
|
User-agent: |
KMail/5.2.3 (Linux/4.12.0-1-amd64; KDE/5.28.0; x86_64; ; ) |
On Freitag, 18. August 2017 14:51:12 CEST Ander Juaristi wrote:
> Follow-up Comment #2, bug #51666 (project wget):
>
> I'm not generally against these kind of small tweaks that don't harm and
> slightly improve user's privacy.
>
> If Firefox doesn't do it, we don't care: it's their business and they will
> end up doing it if users request that feature (maybe because they saw it in
> wget).
>
> Private SSH keys can be protected with a password if you want to.
As long as it is optional...
It would be nice being file compatible with Firefox (at least reading Firefox
HSTS db).
Maybe the sqlite backend that has been mentioned earlier should then work with
the same settings (hashed/not hashed).
> We can do both, hash and still keep the readable to the user only. If the
> overhead is not much I would go for it. That is the basis of every security
> framework out there: if the benefits of having 2 security mechanisms instead
> of only 1 outweigh the drawbacks, then implement 2 instead of 1.
Absolutely, but in this special case you open up a can of worms. From a
security standpoint, the average home directory is a nightmare. Once someone
gets access to it (read or write)...
Regards, Tim
signature.asc
Description: This is a digitally signed message part.