A lot of people think TLS is unnecessary for software updates, provided the update mechanism already includes signing/verification. Unless you’re Microsoft, this seems like a big mistake.
-
-
And they cant be cached and frequently take down corporate networks on release day. Not all issues are security issues. MS uses HTTPS for validation and metadata, and HTTP for payload so that it can be cached.
-
In a world of streaming and frequent video conferencing, I kinda want the network to be able to keep up with everyone downloading a few GB just fine.
- 2 more replies
New conversation -
-
-
And you can't DOS HTTPS connection via MITM?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.