Re: people.debian.org will move from ravel to paradis and become HTTPS only
Hi,
Ondřej Surý:
> Pervasive monitoring.
In and of itself, if you only access publicly-availble files, that's not a
threat.
> Really we should introduce encryption
> *everywhere*.
>
This change does not introduce encryption.
It disables the option not to use encryption.
I can accept that e.g. if you're using basic-auth or similar cleartext
password schemes on the link. Otherwise, not so much.
In other words: please add HTTPS capabilities to d-i before you do that.
--
-- Matthias Urlichs
Reply to: