http subversion URLs should be discontinued in favor of https URLs

Poul-Henning Kamp phk at phk.freebsd.dk
Tue Dec 12 15:19:55 UTC 2017


--------
In message <6fff232c-65c0-34bc-a950-0e79eda025c8 at denninger.net>, Karl Denninger
 writes:

>> As I mentioned humorously to you in private email, I don't think
>> this particular problem will reach consensus any sooner if you
>> are also tangling it in the SVN vs GIT political issue.
>
>Fair enough but I think my underlying point -- that svn ought to provide
>the ability to distribute signed bits, and if it can't then it should
>either be wrapped or augmented to do so if possible, and tossed if not,
>remains valid.

It sure does, but knowing crypto-code and knowing the project's
decision-making process about such things, I see neither adding that
to svn nor replacing svn as feasible this side of 2020.

>Removing unencrypted transport is thus IMO a net bad as it *claims* to
>address this but doesn't.  That's bad because you now lead people to
>*believe* they have a secure means of tracking the project's bits but
>that's factually false.

+1

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

