From: L A Walsh <cygwin@tlinx.org>
To: cygwin@cygwin.com
Subject: Re: SSL should not be required for setup.exe download
Date: Mon, 11 Mar 2019 13:13:00 -0000 [thread overview]
Message-ID: <5C865EE2.7040206@tlinx.org> (raw)
In-Reply-To: <3132c0de-2689-a270-b996-d309017ca815@maxrnd.com>
On 3/10/2019 10:16 PM, Mark Geisert wrote:
> FWIW, I can reproduce the OP's STC using Chrome, Firefox, and Pale Moon. Not
> sure why it happens for some folks but not others. But since it does exist for
> some users, should it be dealt with?
>
---
Probably: https should be disabled on the site, then no one who has
used hsts will be able to access the site. If https goes down for
some reason, anyone running hsts won't be able to access the site unless
they figure out to how to reset their browser.
Only people who are using https would have hsts enabled. If someone
only uses http, or is a browser that doesn't accept it or disables
it (for a few years I used a browser setting to disable it) because
I like knowing when google is being notified. Unfortunately, now,
they are getting my email cuz I had to find a new provider on relative
short notice. I didn't realize that they delete your incoming list
email if they thing you got it directly -- which messes up reading
messages in context on a list.
They also delete incoming list email that you *sent* from
a google account because, they will tell you, that you can go find
the message in your 'Sent' email (unless you deleted it, in which
case its your own fault). As it is, I'm finding emails going
missing because they though it came through to me, but for whatever
reason may have been filed in another, unrelated email box that
was also Cc'd.
Google is irresponsible and has a history of creating changes then
backing them out or getting people on products/forums then killing
those products/tools. If you ever noticed...nearly everything from
them is in "Beta". A few years ago, google added 'fonts for the web' --
another enticement for web-owners to tell your browser to contact google.
Of course if the text is encrypted because of HSTS, you won't see it
before it has connected.
Normally I haven't been worried about most of goog's changes but
when they started deleting email that they think I should have another
copy of -- that was unacceptable. They misrepresented their email
service (that I'm paying for) as able to pass through unfiltered
email. Such is not the case. Not only that, but they add about 5-6K
to every message that comes through. I used to have mail <1K: not
anymore.
As cygwin stands now, only those who choose https, will get it. Yet
still people are complaining because everyone isn't forced to do the
same. That is the attitude google and other social echo-chambers
are breeding and cultivating.
I find it anything but innocuous.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2019-03-11 13:13 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-10 4:54 SSL not " Archie Cobbs
2019-03-10 13:35 ` Andrey Repin
2019-03-10 16:35 ` Archie Cobbs
2019-03-10 14:16 ` Brian Inglis
2019-03-10 23:20 ` L A Walsh
2019-03-11 3:53 ` Archie Cobbs
2019-03-11 13:13 ` Brian Inglis
2019-03-11 13:22 ` L A Walsh
2019-03-11 13:39 ` L A Walsh
2019-03-10 14:16 ` Brian Inglis
2019-03-10 16:40 ` Archie Cobbs
2019-03-11 3:51 ` Brian Inglis
2019-03-11 5:16 ` Mark Geisert
2019-03-11 11:50 ` Brian Inglis
2019-03-11 13:13 ` L A Walsh [this message]
2019-03-11 13:44 ` Archie Cobbs
2019-03-11 19:42 ` Brian Inglis
2019-03-11 22:14 ` Archie Cobbs
2019-03-11 22:59 ` Lee
2019-03-12 13:47 ` Archie Cobbs
2019-03-12 14:31 ` Brian Inglis
2019-03-12 14:58 ` Archie Cobbs
2019-03-15 12:25 ` Brian Inglis
2019-03-28 18:13 ` Erik Soderquist
2019-03-12 19:21 ` Achim Gratz
2019-03-12 19:59 ` Lee
2019-03-12 0:20 ` Andrey Repin
2019-03-12 19:45 ` Lee
2019-03-12 20:35 ` Andrey Repin
2019-03-12 21:14 ` Lee
2019-03-12 21:35 ` Andrey Repin
2019-03-12 22:01 ` Lee
2019-03-12 20:42 ` Achim Gratz
2019-03-12 21:32 ` Lee
2019-03-12 21:35 ` Andrey Repin
2019-03-12 21:50 ` Lee
2019-03-13 20:50 ` Andrey Repin
2019-03-11 20:24 ` SSL should not be required for open source downloading L A Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5C865EE2.7040206@tlinx.org \
--to=cygwin@tlinx.org \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).