Date: Mon, 12 Mar 2018 09:58:36 -0700 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Jan Beich <jbeich@FreeBSD.org>, Alexey Dokuchaev <danfe@FreeBSD.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org, Eitan Adler <eadler@FreeBSD.org>, "Danilo G. Baio" <dbaio@FreeBSD.org> Subject: Re: svn commit: r464037 - head/irc/znc Message-ID: <cabb5aa7-56f5-e89a-c540-8270b45b49c7@FreeBSD.org> In-Reply-To: <r2os-ntg3-wny@FreeBSD.org> References: <201803100016.w2A0GnR8013646@repo.freebsd.org> <fd8d2bb5-6235-f193-b8c5-e3cb37ea973d@FreeBSD.org> <20180310080202.GA18340@FreeBSD.org> <r2os-ntg3-wny@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --9zSjWyG2Jj2QD2jfCWqysLw9zmm4O40OB Content-Type: multipart/mixed; boundary="vXwu3Bk7XRNnqe1noTG27gl6TajczbXJY"; protected-headers="v1" From: Bryan Drewery <bdrewery@FreeBSD.org> To: Jan Beich <jbeich@FreeBSD.org>, Alexey Dokuchaev <danfe@FreeBSD.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org, Eitan Adler <eadler@FreeBSD.org>, "Danilo G. Baio" <dbaio@FreeBSD.org> Message-ID: <cabb5aa7-56f5-e89a-c540-8270b45b49c7@FreeBSD.org> Subject: Re: svn commit: r464037 - head/irc/znc References: <201803100016.w2A0GnR8013646@repo.freebsd.org> <fd8d2bb5-6235-f193-b8c5-e3cb37ea973d@FreeBSD.org> <20180310080202.GA18340@FreeBSD.org> <r2os-ntg3-wny@FreeBSD.org> In-Reply-To: <r2os-ntg3-wny@FreeBSD.org> --vXwu3Bk7XRNnqe1noTG27gl6TajczbXJY Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 3/10/2018 1:58 AM, Jan Beich wrote: > Alexey Dokuchaev <danfe@FreeBSD.org> writes: >=20 >> On Fri, Mar 09, 2018 at 05:58:31PM -0800, Bryan Drewery wrote: >> >>> This is a note in general, not specifically at you. But https for >>> distfiles only achieves 2 things: 1. Privacy against someone snooping= >>> that you are downloading ZNC (is it really that important?) but still= >>> can see your DNS and connections to the ZNC site... and 2. It breaks >>> proxy caching. So I don't think MASTER_SITES should be converted to >>> https in general. There's this odd push for it lately but I don't se= e >>> the benefit. >> >> Big +1 (HTTPS for distfiles is somewhat of a PITA for me as well). Ca= n >> we please go back to plain good HTTP? SHA256 provides enough assuranc= e >> against intermittent tampering with the distfiles. >=20 > "make makesum" has no MITM protection with HTTP. Maintainers may work > on updates outside of jail due to convenience and exposure to crazy > make.conf optimizations. Only after an update is ready it's tested in > a poudriere jail. >=20 This is a very good point. --=20 Regards, Bryan Drewery --vXwu3Bk7XRNnqe1noTG27gl6TajczbXJY-- --9zSjWyG2Jj2QD2jfCWqysLw9zmm4O40OB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJaprHAAAoJEDXXcbtuRpfP4uQIAJTsEkpu0p3XTMx0Zx9qCorF EOrr7sBzNeVd+cWcSNzxUoY89onQG2oP45LHvJYBMPYb/gZGMFSIBK2/YwCaKic8 PNOYNBr9+gNVQNvIWm87CducP+1l6CmPNi4pEaxd+AlDp0eg0fuOFlWsrD2K+vdq QxGXQw2qyZrNYIs/qnfw/SaAo3a9q03G396Px4QY58a4PsPSgn5iQYm3aRNLY1qt X2DDTfERiKiJ2nPszIl7UY5xtU4RUEzDzax2J5UtFkFYlUUkJHCt0YpYDfYXlfoM rFIoGTfQHGbtnkBqEvP/whA9BlynsQmDXagQyWe+wo2t6vageDkNNJIQ4mmvhek= =MYY8 -----END PGP SIGNATURE----- --9zSjWyG2Jj2QD2jfCWqysLw9zmm4O40OB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cabb5aa7-56f5-e89a-c540-8270b45b49c7>