How does the SSL work?
Posted: August 5th, 2013, 7:20 pm
I check the SSL box, and it Just Works, apparently encrypted.
Alas, I don't see any place where I can look at who signed each server's key, or fingerprints, or anything like that (analogous to clicking a padlock icon in many web browsers when using HTTPS).
So it makes me wonder how sabnzbd knows it has the right key for the server. What, exactly, would happen if a server updated their key, or if my ISP (perhaps under government orders, perhaps simply to gather marketing intell) were to become a Man in the Middle? Does sabnzbd show a warning and refuse to connect, or otherwise alert the user if the other side switches to a new key?
It seems like SSL doesn't have much point, unless users have a way to prevent (or at least detect) interception. Am I nuts?
Alas, I don't see any place where I can look at who signed each server's key, or fingerprints, or anything like that (analogous to clicking a padlock icon in many web browsers when using HTTPS).
So it makes me wonder how sabnzbd knows it has the right key for the server. What, exactly, would happen if a server updated their key, or if my ISP (perhaps under government orders, perhaps simply to gather marketing intell) were to become a Man in the Middle? Does sabnzbd show a warning and refuse to connect, or otherwise alert the user if the other side switches to a new key?
It seems like SSL doesn't have much point, unless users have a way to prevent (or at least detect) interception. Am I nuts?