Donald Stufft writes: > As an additional side note, anecdotal evidence and what not, but > *every* time I bring this up somewhere I get at least one reply > that looks similar to > https://twitter.com/ojiidotch/status/425986619879866368 Hey, wait a cotton-picking minute! Are you telling me that Perl, PHP, and Ruby *do* verify certs by default in their "batteries included" stdlibs, and developers using those languages have been turning that feature off in their code for, like, you know, well, for-EVER man!? (They surely don't leave it on, or my employer would have fixed their broken cert chain and hostnames by now.) If so, that's evidence for the practicality of the proposal, and maybe even for fast-tracking it to catch up. My employer and the Ministry of Education, Culture, Science, and Technology be damned (and they will be). But if it's only the already security-conscious developers and managers who go WTF?, and other environments don't do this by default, I'd consider that a "dangerous curve, slow down" sign.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4