On Mon, Jul 14, 2014 at 11:16:01AM +0200, Holger Levsen wrote: > am I getting this right, that there are architectures which are too slow to > use https??? if so: "wow"... This seems likely, especially for embedded platforms where power is a massive constraint. > (And, if that's the case, I dont't think we should care about those then... > Debian doesn't run on an 6502 neither ;) If Debian stops supporting embedded platforms, it stops being a universal operating system. I think HTTPS is a good thing, but could we not also have a VHOST named something like insecure.people.d.o that continued to allow access via plain HTTP? It is also possible (not sure about this) that there are countries where encryption is not permitted and so this would exclude anyone in those countries from accessing people.d.o's content. We have provisions in place (iirc) for accepting packages from people in such countries, we should also have provisions in place for allowing people in such countries to access people.d.o. Iain. -- e: irl@fsfe.org w: iain.learmonth.me x: irl@jabber.fsfe.org t: +447875886930 c: MM6MVQ g: IO87we p: 1F72 607C 5FF2 CCD5 3F01 600D 56FF 9EA4 E984 6C49
Attachment:
pgpRFimy2hk8w.pgp
Description: PGP signature