Hi
@hannob filed issue #1882 the other day about the large number of insecure
download links from our download page (https://curl.haxx.se/download.html)
It made me go through all the visible links, remove a few truly dead ones and
upgrade a whole bunch of them to HTTPS versions. Most of them are however
still HTTP or FTP since they're not available using a secure protocol.
My count says 38% of the current download links that we have stored are now
using HTTPS. I think that's far too few for us to consider killing off all
non-HTTPS links or something as radical as that, even if I of course would
rather have us have more HTTPS links.
I considered for a moment if we should add some symbol or something for
"unsafe" links, but I think we're better off leaving that responsibility to
the browsers and trust that users mostly already know this.
If you have ideas, thoughts or feedback on this I'm interested. I will
otherwise close the issue within soon as I don't think there's a lot more we
can do on this right now.
#1882: https://github.com/curl/curl/issues/1882
--
/ daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
