I have a home server and I have some HTTP services running on it. I’m thinking if I should even bother with HTTPS, as I’m already using tail scale which should be peer-to-peer and encrypted. So I shouldn’t worry about any men in the middle.

Am I missing something?

It just feels wrong to work with non-S HTTP :(

  • damium@programming.dev
    link
    fedilink
    English
    arrow-up
    14
    ·
    9 months ago

    It can still have issues with potential attacks that would redirect your client to a system outside of the VPN. It would prevent MitM but not complete replacement.