I have a home server and I have some HTTP services running on it. I’m thinking if I should even bother with HTTPS, as I’m already using tail scale which should be peer-to-peer and encrypted. So I shouldn’t worry about any men in the middle.
Am I missing something?
It does though doesn’t it? since every device needs to be authorized by me first
It can still have issues with potential attacks that would redirect your client to a system outside of the VPN. It would prevent MitM but not complete replacement.
Yep! It all comes down to your attack surface and how paranoid you want to be.