From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 53491 invoked by alias); 25 Apr 2016 19:59:16 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 53474 invoked by uid 89); 25 Apr 2016 19:59:15 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=0.8 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 spammy=Adam, Dinwoodie, dinwoodie, encrypting X-HELO: gproxy4-pub.mail.unifiedlayer.com Received: from gproxy4-pub.mail.unifiedlayer.com (HELO gproxy4-pub.mail.unifiedlayer.com) (69.89.23.142) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with SMTP; Mon, 25 Apr 2016 19:59:05 +0000 Received: (qmail 17901 invoked by uid 0); 25 Apr 2016 19:59:03 -0000 Received: from unknown (HELO cmgw4) (10.0.90.85) by gproxy4.mail.unifiedlayer.com with SMTP; 25 Apr 2016 19:59:03 -0000 Received: from box867.bluehost.com ([69.195.124.67]) by cmgw4 with id mjyz1s0181TMts501jz2s0; Mon, 25 Apr 2016 13:59:03 -0600 X-Authority-Analysis: v=2.1 cv=aJ5j99Nm c=1 sm=1 tr=0 a=x/h8IXy5FZdipniTS+KQtQ==:117 a=x/h8IXy5FZdipniTS+KQtQ==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=CnPQkyIfcMwA:10 a=xmZoPxhebIwA:10 a=kziv93cY1bsA:10 a=jJwwl4nsAAAA:8 a=msddSgpGSyzgFRjey0EA:9 a=QEXdDO2ut3YA:10 Received: from [192.154.176.197] (port=55980 helo=[10.1.84.178]) by box867.bluehost.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.86_2) (envelope-from ) id 1aumep-0004PC-Kv for cygwin@cygwin.com; Mon, 25 Apr 2016 13:58:59 -0600 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Subject: Re: Proposed patch for web site: update most links to HTTPS From: Vince Rice In-Reply-To: <0D835E9B9CD07F40A48423F80D3B5A702EAF3FBD@USA7109MB022.na.xerox.net> Date: Mon, 25 Apr 2016 20:46:00 -0000 Content-Transfer-Encoding: quoted-printable Message-Id: <44C9F285-6E2A-4111-BBDE-957A6E4B4581@solidrocksystems.com> References: <20160425124332.GO2345@dinwoodie.org> <0D835E9B9CD07F40A48423F80D3B5A702EAF3FBD@USA7109MB022.na.xerox.net> To: "cygwin@cygwin.com" X-Identified-User: {3986:box867.bluehost.com:solidrr2:solidrocksystems.com} {sentby:smtp auth 192.154.176.197 authed with vrice@solidrocksystems.com} X-IsSubscribed: yes X-SW-Source: 2016-04/txt/msg00597.txt.bz2 > On Apr 25, 2016, at 2:33 PM, Nellis, Kenneth w= rote: >=20 > -----Original Message----- > From: Adam Dinwoodie=20 >> ... >> But I agree with Brian: the Cygwin website >> should use https everywhere unless there's some good, specific reason >> why it's a bad idea... >=20 > 1. Did Brian say that? I couldn't find it in the thread. > 2. I would be interested to hear the rationale for such a statement. > Cygwin is open source. What's the point of encrypting? I=E2=80=99m not sure what being open source has to do with it. It should be encrypted for privacy. Frankly, from what we=E2=80=99ve seen i= n the last couple of years, plain http: should disappear. It should all be = https. (And Adam is exactly correct on the performance; it is a non-issue t= oday and has been for years.) -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple