[01:26] <sbeattie> ugh, libsoup didn't do validation by default, IIRC. Needs configuration by the caller to get it to do it.
[01:35] <sbeattie> ah, phew:
[01:35] <sbeattie>       session.ssl_use_system_ca_file = true;
[01:35] <sbeattie>       session.ssl_strict = true;
[01:35] <sbeattie> (where session = new Soup.SessionAsync (); )
[01:36] <sbeattie> bkerensa, kees: ^
[01:36] <bkerensa> sbeattie: so it is potentially vulnerable to MitM?
[01:37] <sbeattie> no, strict ssl checking is enabled for the soup connection, which is what the searches are going over.
[01:37] <bkerensa> ah
[01:39] <sbeattie> (sadly, you also need to tell libsoup to look at the system ca certs; by default even if you have strict ssl checking turned on, if it doesn't have any certs to verify against, it just shrugs and allows the connection.)
[01:44] <sbeattie> http://developer.gnome.org/libsoup/unstable/SoupSession.html#SoupSession--ssl-strict
[02:15] <bkerensa> sbeattie: is that a bug or feature :)
[03:15] <kees> sbeattie: nice!
[18:42] <bkerensa> kees: https://launchpad.net/~ubuntu-nexus7/+archive/ubuntu-nexus7-installer
[18:42] <bkerensa> :D
[18:42] <bkerensa> wonder what could be going in that repo
[18:43] <bkerensa> ;p
[19:37] <tgm4883> yay for wasting an entire morning on the phone with adobe because they can't fix their installer :/
[21:03] <kees> bkerensa: cool! /me doesn't have a nexus7, but that's still exciting :)
[21:19] <Brian_H> bkerensa: you played with that new chrome book yet?