| 1 |
On Sun, 29 Mar 2015 23:35:54 +0600 |
| 2 |
"Vadim A. Misbakh-Soloviov" <mva@×××.name> wrote: |
| 3 |
|
| 4 |
> Despite of all you're talking about is right from paranoid point of |
| 5 |
> view, I'd, anyway, say "DO NOT DO THAT", because you propose to |
| 6 |
> revoke the right of choice from the users. |
| 7 |
|
| 8 |
A "right of choice" from the user only makes sense if there is a |
| 9 |
reasonable choice. |
| 10 |
|
| 11 |
Just to take this to the extreme: Should we add a heartbleed-enabled |
| 12 |
version of openssl back to the portage tree? It's the choice of the |
| 13 |
user if they want to have heartbleed enabled, right? |
| 14 |
|
| 15 |
If there is no disadvantage for the more secure protocols then there is |
| 16 |
no need for a choice. |
| 17 |
|
| 18 |
> Moreover, there are some times where it is impossible to fetch |
| 19 |
> sources via "secure" way, but you need it right here and right now. |
| 20 |
|
| 21 |
This has been said before, also in the thread about the webpage. Can |
| 22 |
you say what times that would be? |
| 23 |
Basically these days it's not possible to use the mainstream internet |
| 24 |
without https (you can't search google or log into facebook without |
| 25 |
https). |
| 26 |
I'd really like to hear of any real world situation where this is an |
| 27 |
issue. |
| 28 |
|
| 29 |
-- |
| 30 |
Hanno Böck |
| 31 |
http://hboeck.de/ |
| 32 |
|
| 33 |
mail/jabber: hanno@××××××.de |
| 34 |
GPG: BBB51E42 |
Archives