I have a home server and I have some HTTP services running on it. I’m thinking if I should even bother with HTTPS, as I’m already using tail scale which should be peer-to-peer and encrypted. So I shouldn’t worry about any men in the middle.

Am I missing something?

It just feels wrong to work with non-S HTTP :(

  • MTK@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    9 months ago

    It does though doesn’t it? since every device needs to be authorized by me first

    • damium@programming.dev
      link
      fedilink
      English
      arrow-up
      13
      ·
      9 months ago

      It can still have issues with potential attacks that would redirect your client to a system outside of the VPN. It would prevent MitM but not complete replacement.