Date: Fri, 8 Dec 2017 10:33:09 +0000 From: Luke Crooks <luke@solentwholesale.com> To: freebsd-security@freebsd.org Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <CAC0r6X94N4Dv=droSC=B8ri-sH2eb9gJgdvpVqwPt0pSenXfog@mail.gmail.com> In-Reply-To: <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <5A2709F6.8030106@grosbein.net> <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> <8788fb0d-4ee9-968a-1e33-e3bd84ffb892@heuristicsystems.com.au> <20171205220849.GH9701@gmail.com> <24153.1512513836@critter.freebsd.dk> <1C30FE91-753A-47A4-9B33-481184F853E1@tetlows.org> <867etyzlad.fsf@desk.des.no> <1291.1512658230@critter.freebsd.dk> <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The pull request was rejected for a valid reason, offering http allows users with limited network access chance to clone or download freebsd where https is not possible. We all have differences of option on the matter and having a flame war on a mailing list just gives the project a bad reputation. Regards, -- Luke Crooks Solent Wholesale Carpets www.solentwholesale.com On Fri, Dec 8, 2017 at 8:25 AM, TJ Varghese <tj@tjvarghese.com> wrote: > On 12/07/2017 10:50 PM, Poul-Henning Kamp wrote: > >> >> You can't have the latter without the former. Assertion of identity is >>> the only protection against MITM eavesdropping or tampering. >>> >> Or more generally: >> >> If you dont/cant trust the other end, why would you trust them to >> keep the communication secret ? >> >> > I'm curious as to your take on electronic banking. Should they all merely > use HTTP since HTTPS is hopelessly compromised by design? If your objection > is that HTTPS bring nothing to the security table, then it really doesn't > make a difference where it's used and we should all just stop using it, no? > > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org > " >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAC0r6X94N4Dv=droSC=B8ri-sH2eb9gJgdvpVqwPt0pSenXfog>