[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: people.debian.org will move from ravel to paradis and become HTTPS only

On Sun, Jul 20, 2014 at 09:23:55AM +0200, Ondřej Surý wrote:
> On Sun, Jul 20, 2014, at 08:15, Wouter Verhelst wrote:
> > > There are lots of attack vectors.  It's not a response to a single
> > > attack being exploited in the wild.

> > So name one?

> Pervasive monitoring. Really we should introduce encryption
> *everywhere*.

If this were DSA's position, I would disagree with it, but I would
understand where they're coming from.  But DSA has *not* said that this is
the reason for enforcing use of a protocol with significantly higher

I do think that if DSA are going to enforce such a policy, they should be
able to explain why.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: