Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs

To: Niels Thykier <niels@thykier.net>
Cc: Chris Lamb <lamby@debian.org>, 897082@bugs.debian.org, Andreas Tille <tille@debian.org>
Subject: Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
From: Russ Allbery <rra@debian.org>
Date: Sat, 28 Apr 2018 10:36:20 -0700
Message-id: <[🔎] 871sezteqz.fsf@hope.eyrie.org>
Reply-to: Russ Allbery <rra@debian.org>, 897082@bugs.debian.org
In-reply-to: <[🔎] 44ee64bc-45fb-c372-cf79-944221795838@thykier.net> (Niels Thykier's message of "Sat, 28 Apr 2018 09:48:00 +0000")
References: <[🔎] 152489458355.23052.8227212015942023876.reportbug@mail.an3as.eu> <[🔎] 1524900700.402276.1353696712.2DC6542D@webmail.messagingengine.com> <[🔎] 20180428091619.qc6pi4zjgytxpiv3@an3as.eu> <[🔎] 152489458355.23052.8227212015942023876.reportbug@mail.an3as.eu> <[🔎] 1524908463.2649518.1353754888.0B7D8297@webmail.messagingengine.com> <[🔎] 152489458355.23052.8227212015942023876.reportbug@mail.an3as.eu> <[🔎] 44ee64bc-45fb-c372-cf79-944221795838@thykier.net> <[🔎] 152489458355.23052.8227212015942023876.reportbug@mail.an3as.eu>

Niels Thykier <niels@thykier.net> writes:
> Chris Lamb:
>> Hi Andreas,
>> 
>>> [...]
>> ... which does seem to cover the ftp:// case. Perhaps you were
>> thinking of something like:
>> 
>>  The watch file uses an unencrypted transport protocol for the
>>  URI such as http:// or ftp://. It is recommended to use a secure
>>  transport such as HTTPS for anonymous read-only access.

> Perhaps "... such as HTTPS or FTPS (FTP + TLS) for anonymous read-only
> access." would help cover the FTP-case?

I suspect the number of free software distribution sites that currently
use FTP but would support FTP + TLS is at most a rounding error away from
zero.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
  - From: Andreas Tille <tille@debian.org>
- Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
  - From: Chris Lamb <lamby@debian.org>
- Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
  - From: Andreas Tille <tille@debian.org>
- Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
  - From: Chris Lamb <lamby@debian.org>
- Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
  - From: Niels Thykier <niels@thykier.net>

Prev by Date: Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
Next by Date: Bug#897080: Please detect long descriptions starting with lowercase to catch short descriptions continuing into long
Previous by thread: Processed: Re: Bug#897082: lintian: Please do not warn about debian-watch-uses-insecure-uri for ftp:// URIs
Next by thread: Bug#897082: lintian: Please clarify what to do with debian-watch-uses-insecure-uri for ftp:// URIs
Index(es):
- Date
- Thread