HTTPS on freebsd.org, git, reproducible builds

Dan Lukes dan at obluda.cz
Sat Sep 19 08:21:31 UTC 2015


Chad J. Milios wrote:
> How did this topic of the conversation start? Because http://freebsd.org doesn't issue a redirect to https://? Such a thing does not increase security

I'm against automatic redirection as well. If someone prefer https then
he can use it just now. If someone can't use https or doesn't prefer it,
then he can use https. I see nothing positive to force https regardless
the users preference.

According binary distribution - I would like prefer a validation
mechanism independent from particular transport protocol. E.g. a
signature. In such case even FTP can be used.

Just my $0.02

Dan



More information about the freebsd-security mailing list