http subversion URLs should be discontinued in favor of https URLs
Shawn Webb
shawn.webb at hardenedbsd.org
Mon Dec 11 15:16:36 UTC 2017
On Mon, Dec 11, 2017 at 03:08:37PM -0000, Christian Weisgerber wrote:
> On 2017-12-08, Luke Crooks <luke at solentwholesale.com> wrote:
>
> > The pull request was rejected for a valid reason, offering http allows
> > users with limited network access chance to clone or download freebsd where
> > https is not possible.
>
> Do users actually exist who have access to http but not to https?
> Or is this a myth? And how do these users access popular sites
> like Wikipedia, or www.FreeBSD.org for that matter?
In an effort to enforce encrypted comms, my network is the inverse:
TCP:80 is disallowed, but TCP:443 is accepted.
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20171211/f24a89ba/attachment.sig>
More information about the freebsd-security
mailing list