
Re: myth(?): places in the world where https is illegal? Re: people.debian.org will move from ravel to paradis and become HTTPS only



On Mon, Jul 21, 2014 at 02:38:14PM +0000, Jacob Appelbaum wrote:
> On 7/21/14, Iain R. Learmonth <irl@fsfe.org> wrote:
> By that reasoning, we may not authenticate except by sending plaintext
> passwords over such a network. That seems to either be an old policy,
> a mistake or a network that is simply hostile towards modern security
> requirements for individuals.

I would say that a message digest to authenticate a message doesn't obscure
its meaning for other amateurs as others could use it to verify the same
message in the same way as the intended recipient.

If SSL were used only for authentication, using a NULL cipher, then I would
think that would be allowed, but also I would question any webserver that
has SSL enabled with a NULL cipher also enabled.

Remember, I'm not asking for HTTPS to not be default, just for an
alternative VHOST name to be available without HTTPS. Users would have to be
explicitly asking for it and it's only a few lines of Apache configuration
to set up.

> Is anyone hosting software on p.d.o and actually having it downloaded
> over a radio link? That sounds like a good project but I wonder if
> practically it happens in the wild?

This is probably something I would have done, as I'm just getting back into
amateur radio. I have not done it yet though. I would be interested to hear
if there are any use cases out there. I bet they are part of rather cool
projects.

> We should not be beholden to the lowest common denominator. This seems
> especially so when it is a matter of theory and without practical
> issue.

This is not what I'm asking for, just a separate VHOST for those that want
to use it. Of course, it's probably trivial to set up an HTTP service that
proxies to the HTTPS one, but it's even more trivial to add those few lines
of config to add a VHOST on the new machine.

Iain.

-- 
e: irl@fsfe.org            w: iain.learmonth.me
x: irl@jabber.fsfe.org     t: +447875886930
c: MM6MVQ                  g: IO87we
p: 1F72 607C 5FF2 CCD5 3F01 600D 56FF 9EA4 E984 6C49
