From owner-freebsd-security@FreeBSD.ORG Mon May 18 14:54:35 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 698AFEBB; Mon, 18 May 2015 14:54:35 +0000 (UTC) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1FA0B12FB; Mon, 18 May 2015 14:54:35 +0000 (UTC) Received: from slw by zxy.spb.ru with local (Exim 4.84 (FreeBSD)) (envelope-from ) id 1YuMR5-000NnU-2e; Mon, 18 May 2015 17:54:31 +0300 Date: Mon, 18 May 2015 17:54:31 +0300 From: Slawa Olhovchenkov To: Mark Felder Cc: Ian Smith , freebsd-security@freebsd.org Subject: Re: Forums.FreeBSD.org - SSL Issue? Message-ID: <20150518145430.GH1394@zxy.spb.ru> References: <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com> <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net> <20150514193706.V69409@sola.nimnet.asn.au> <555476CB.2010005@ivpro.net> <1431608885.1875421.268665801.1220FE34@webmail.messagingengine.com> <5554C025.9090903@ivpro.net> <20150515173820.M69409@sola.nimnet.asn.au> <1431694294.3518862.269597633.213CD919@webmail.messagingengine.com> <20150516190047.R69409@sola.nimnet.asn.au> <1431956574.2820539.271626745.23D563FC@webmail.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1431956574.2820539.271626745.23D563FC@webmail.messagingengine.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 May 2015 14:54:35 -0000 On Mon, May 18, 2015 at 08:42:54AM -0500, Mark Felder wrote: > > > > > Actually, that might be the reason -- Google search results. Perhaps > > > Google is also logging what protocols/ciphers your HTTPS has and is > > > using that in search rankings. > > > > You're seriously suggesting that the FreeBSD project should set security > > policies to favour higher rankings from an advertising company? > > > > If people can't search Google and find results on the first page they're > going to be very, very discouraged from even trying it out. > > I don't think I can provide any further information about what's going > on here, but I hope that I've answered some questions about why this > isn't such a terrible idea. Feel free to file a bug report if you would > like this followed up by those who have control over these decisions. Need higher rankings with https? Do https mirrors for google/bing. Client can't use strong encription? Allow cleartext and weak encription. FreeBSD forum posts don't contains any sensitive information. "Be strict in what you send, but generous in what you receive"