From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qv1-xf29.google.com (mail-qv1-xf29.google.com [IPv6:2607:f8b0:4864:20::f29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 093143B29E for ; Wed, 20 Oct 2021 14:47:20 -0400 (EDT) Received: by mail-qv1-xf29.google.com with SMTP id z15so2641927qvj.7 for ; Wed, 20 Oct 2021 11:47:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=GZ4B/4jYvkVMNkm8FiInUu97J5wHJ7B5vQfxBYC+Fkg=; b=peny44pPI/DQa75736P2uSZ/H2YxD8SIk059lahcMDd7dUtRlAuuhK+Fr6len9CFdT cg8IoEd7ZZhlqQz0nvaqzqlVLSk5gLbbDWitHcU6qYX/vYJOmBhjfNw76z1emhgaIHDT j1woVigUKm5xjnFPbN/wATHkMjGAG+vUxA/AIBQOcQ31hlinb6ZCebedwE9y3o4djmSu zEcrTw/2cx2p131dWlJ8lG48xHmr/PboSLO1XDfKyyQ5bVqUrqkRBLhG/jVqUwoBXC/J nh3mPp8S67ywZz2RCgXBpAj4k9LeF3NTteps1rtqkL6FdPOtDj1HnVSezJDtbSQ+zgaN 92Lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=GZ4B/4jYvkVMNkm8FiInUu97J5wHJ7B5vQfxBYC+Fkg=; b=QG55/pRULHn7KFZ5T5ZL0xe4g2grd5H1DP5HoIRQ2HzZstW9IIxAQUJSTVF7Sw83Rr BumYAct0HPQyRghIa+YOp+/j1KmePcCt/0V4NSi74Y7ZU8OOHi2Sdg+EBOWuxlPayrJp y757TAjNTC4QyIunFHy1b4HRTXyBIJ1U0TBShlceXrU54bBmFU6NOsqMQU5nCWXzNpPe SfmxTbRY2modiQgBYz52I9pXciBFpJPW4gGv8TQYgtlysZyY3mijNmuKdqQzADjhSaAl c1NM/WEj2iVA6ryM4uodapuQPan3OMo+Bm1tIdXL8Bk8miQNnI7+5YvS64hVDnLDJiBB zjjw== X-Gm-Message-State: AOAM532uIoS0rQgWIt4CAJp3Brk6w67FN6DX8nuBUEDRorXob7uBrRVx BgN0HBIXCx+0W6xID2eGOc8= X-Google-Smtp-Source: ABdhPJwjZua0WjRVaNVeCBcEFoI6urWGfHOfo+x9NF3qpygV1aQF/5gWQ0F1Ky960ro19VHskXFz4w== X-Received: by 2002:a05:6214:300d:: with SMTP id ke13mr421447qvb.54.1634755639430; Wed, 20 Oct 2021 11:47:19 -0700 (PDT) Received: from richs-mbp-pro.lan ([198.55.239.186]) by smtp.gmail.com with ESMTPSA id p11sm1470366qtw.60.2021.10.20.11.47.18 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Oct 2021 11:47:18 -0700 (PDT) From: Rich Brown Message-Id: <4BB78FBC-A808-4787-AD62-BFA0659E4726@gmail.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_2E2D93AB-0A44-4AE8-8F14-1AADA86A0D2C" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\)) Date: Wed, 20 Oct 2021 14:47:18 -0400 In-Reply-To: Cc: Randall Meyer , rpm@lists.bufferbloat.net To: Christoph Paasch References: <6B7910A6-9157-40DD-8C50-FE42AEDB7797@apple.com> <8F8B59C1-9FB7-4B3E-9C15-14180721FEA8@gmail.com> X-Mailer: Apple Mail (2.3608.120.23.2.7) Subject: Re: [Rpm] Does RPM measurement *require* a valid SSL certificate X-BeenThere: rpm@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: revolutions per minute - a new metric for measuring responsiveness List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Oct 2021 18:47:20 -0000 --Apple-Mail=_2E2D93AB-0A44-4AE8-8F14-1AADA86A0D2C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii OK. I am convinced and satisfied by this outcome. > On Oct 20, 2021, at 2:30 PM, Christoph Paasch = wrote: >=20 >> - People using those clients but specifying a different RPM Server. = It'll be one of those implementations from the github = networkQuality/server repo, or an OpenWrt package, or random router = manufacturer's own built-in RPM Server.=20 >=20 > And these users, will already have to specify the custom server in the = command-line with the "-C" option. So, it will be easy for them to also = specify "-k/--insecure". - People using Apple's iOS client have no option (today) to specify a = custom server. If one becomes available, I imagine it'll have a checkbox = that says, "Accept insecure certificate" - People using Apple's macOS client can use both -C and -k to accept the = insecure certificate. - People using homegrown RPM clients will use the client's options, = presumably that match the Apple clients.=20 Thanks again. Rich= --Apple-Mail=_2E2D93AB-0A44-4AE8-8F14-1AADA86A0D2C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii OK. = I am convinced and satisfied by this outcome.

On Oct = 20, 2021, at 2:30 PM, Christoph Paasch <cpaasch@apple.com> = wrote:

- = People using those clients but specifying a different RPM Server. It'll = be one of those implementations from the github networkQuality/server = repo, or an OpenWrt package, or random router manufacturer's own = built-in RPM Server. 

And these users, will already have to specify the custom = server in the command-line with the "-C" option. So, it will be easy for = them to also specify "-k/--insecure".

- People using Apple's iOS client have no = option (today) to specify a custom server. If one becomes available, I = imagine it'll have a checkbox that says, "Accept insecure = certificate"

- = People using Apple's macOS client can use both -C and -k to accept the = insecure certificate.

- People using homegrown RPM clients will use the client's = options, presumably that match the Apple clients. 

Thanks again.

Rich
= --Apple-Mail=_2E2D93AB-0A44-4AE8-8F14-1AADA86A0D2C--