10 Jan
2020
10 Jan
'20
12:48 p.m.
On Fri, Jan 10, 2020 at 12:20:25PM +0000, Laurie Brown wrote:
On 10/01/2020 11:51, Chris Green wrote:
[SNIP]
TLS?
That's the question, not the answer! :-)
It is the answer actually. I do think you're worrying too much, but as long as you control your own DNS, Let's Encrypt gives free certificates, and implementing them is trivial. If you're worried about MiM attacks, then use HTTPS.
I'm not worrying about MIM attacks, I'm asking if I *should* be worried about them! :-) I have a Let's Encrypt certificate for the site and have some of the pages on HTTPS already. I guess I can simply put everything on the HTTPS server.
--
Chris Green