On May 10, 2017 17:06:29 Paul Menzel <[email protected]> wrote:
Dear BLFS folks, It’d be awesome if you used the more secure HTTPS URL for downloading the HarBuzz archive in the instructions [1].
Yes, because it is totally very important that open source source code downloads are processed with the highest privacy possible.
Maybe the anduin patch downloads could be put in the darknet and only be made accessible by a tor browser, how about that?
``` $ curl -I http://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.6.tar.bz2 HTTP/1.1 302 Found Date: Wed, 10 May 2017 15:04:44 GMT Server: Apache/2.4.10 (Debian) Location: https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.6.tar.bz2 Content-Type: text/html; charset=iso-8859-1 $ curl -I https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.6.tar.bz2 HTTP/1.1 200 OK Date: Wed, 10 May 2017 15:04:49 GMT Server: Apache/2.4.10 (Debian) Last-Modified: Sun, 23 Apr 2017 23:22:36 GMT ETag: "16820e-54dddc4189d3b" Accept-Ranges: bytes Content-Length: 1475086 Content-Type: application/x-bzip2 ``` Maybe that could be done for all URLs with the domain *www.freedesktop.org*. Kind regards, Paul [1] http://www.linuxfromscratch.org/blfs/view/svn/general/harfbuzz.html -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
-- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
