[clamav-users] https support for freshclam
Arnaud Jacques / SecuriteInfo.com
webmaster at securiteinfo.com
Wed Dec 24 11:09:19 UTC 2014
Le mardi 23 décembre 2014, 10:56:37 Dennis Peterson a écrit :
> Second try:
>
> What problem are you trying to solve with https?
Privacy.
> The data contain no secrets
> and are freely available to any who wish to have it, so the immediate
> effect of encryption is unneeded.
Public information, but private usage.
I believe in this philosophy : https://www.eff.org/encrypt-the-web
> Secondarily, https creates a greater
> server load to encrypt the data,
With nowadays CPUs, that's not a problem
> trusted SSL certs are an added expense,
Trusted SSL is authentication of the serveur. Could be a good thing for
downloading high security tools, like antivirus signatures that protect your
network.
Anyway, you can do SSL without trusting certificate. Even if it is a bad idea.
> and the additional bandwidth is also not free - someone is paying for it.
True. But this is not so important, according to
https://stackoverflow.com/questions/149274/http-vs-https-performance
This link is interesting too : https://www.httpvshttps.com/
> This seems to me to be a gratuitous use of https but I don't yet know your
> purpose for doing so.
My idea is not replacing HTTP with HTTPS. It is just adding support for HTTPS
to freshclam.
Many website have switched from HTTP to SSL in the last years. I guess this is
the natural evolution of the web. This is my opinion.
--
Best regards,
Arnaud Jacques
SecuriteInfo.com
More information about the clamav-users
mailing list