Update HTTPS part of Readme

Do not advise against CAs, make clear HTTPS protects against some enumerated
threats.
rugk 2017-08-10 21:51:10 +02:00
parent 674ebbc6fb
commit 53a8449674
No known key found for this signature in database
GPG key ID: 05D40A636AFAB34D


@ -17,7 +17,7 @@ Data is encrypted and decrypted in the browser using 256bit AES in [Galois Count
This is a fork of ZeroBin, originally developed by This is a fork of ZeroBin, originally developed by
[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored [Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored
to allow easier and cleaner extensions. PrivateBin has many more features than the to allow easier and cleaner extensions. PrivateBin has many more features than the
original ZeroBin. It is however still fully compatible to the original ZeroBin 0.19 original ZeroBin. It is, however, still fully compatible to the original ZeroBin 0.19
data storage scheme. Therefore, such installations can be upgraded to PrivateBin data storage scheme. Therefore, such installations can be upgraded to PrivateBin
without losing any data. without losing any data.
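Review bot: The changed line "It is, however, still fully compatible to the original ZeroBin 0.19" still reads "compatible to"; since this sentence is being touched for punctuation anyway, change it to "compatible with". The added commas around "however" are fine.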
@ -38,15 +38,14 @@ without losing any data.
## What it doesn't provide ## What it doesn't provide
- As a user you have to trust the server administrator, your internet provider, - As a user you have to trust the server administrator.
and any country the traffic passes through not to inject any malicious javascript code.
For basic security, the PrivateBin installation *has to provide HTTPS*! For basic security, the PrivateBin installation *has to provide HTTPS*!
Additionally it should be secured by Otherwise you would also have to trust your internet provider, and any country
the traffic passes through not to inject any malicious javascript code.
Additionally the instance should be secured by
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
certificate, either validated by a trusted third party (check the certificate certificate. It can use traditional certificate authorities and/or use
when first using a new PrivateBin instance), or self-signed by the server
operator, validated using a
[DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
protected protected
[DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
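Review bot: The subject of the added sentence "It can use traditional certificate authorities and/or use" is ambiguous. After "ideally by HPKP using a certificate." the word "It" can mean either the instance or the certificate, and the repeated "use" makes the run-on into the DNSSEC/DANE links hard to parse. Naming the subject, for example "The certificate can be issued by a traditional certificate authority and/or be validated via", would let the following context lines read on unchanged. The added "Otherwise you would also have to trust your internet provider" sentence relies on the preceding line for its meaning; "Without HTTPS you would also have to trust" states the enumerated threat directly, which is what the commit message says the change is for. Minor: "javascript" should be "JavaScript", and "Additionally" wants a comma after it.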
@ -58,8 +57,8 @@ without losing any data.
use a strong password and only share it privately and end-to-end-encrypted. use a strong password and only share it privately and end-to-end-encrypted.
- A server admin might be forced to hand over access logs to the authorities. - A server admin might be forced to hand over access logs to the authorities.
PrivateBin encrypts your text and the discussion contents, but who accessed it PrivateBin encrypts your text and the discussion contents, but who accessed a
first might still be disclosed via such access logs. paste (first) might still be disclosed via access logs.
- In case of a server breach your data is secure as it is only stored encrypted - In case of a server breach your data is secure as it is only stored encrypted
on the server. However, the server could be misused or the server admin could on the server. However, the server could be misused or the server admin could
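Review bot: The parenthetical in the new wording "who accessed a paste (first) might still be disclosed via access logs" leaves it unclear whether the concern is any access or specifically the first access. Spelling it out, for example "who accessed a paste, and who accessed it first, might still be disclosed via access logs", keeps both meanings without the bracket. Dropping "such" before "access logs" is fine because the previous sentence already names the logs.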