[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: preferring https: to http: in commit messages for gnu.org
From: |
Robert Pluim |
Subject: |
Re: preferring https: to http: in commit messages for gnu.org |
Date: |
Mon, 16 Oct 2017 18:20:13 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.90 (gnu/linux) |
Yuri Khan <address@hidden> writes:
> On Mon, Oct 16, 2017 at 10:09 PM, Eli Zaretskii <address@hidden> wrote:
>
>> That includes URLs such as
>>
>> http://lists.gnu.org/archive/html/emacs-devel/2017-10/msg00592.html
>>
>>> The goal is for developers to have reliable communications
>>> from the GNU project itself, even if other sources are less reliable.
>
> A good first step towards that goal is to configure the server at
> http://lists.gnu.org/* to serve a permanent redirect to
> https://lists.gnu.org/*.
No, a good first step is to upgrade https://lists.gnu.org to use TLS
1.2 instead of 1.0, then we can start thinking about redirects and/or
enforcing https spelling in commits. eg Mozilla in paranoid mode will
refuse to connect to TLS 1.0 sites, with no override available
Robert