On Sun, 29 Mar 2015 23:35:54 +0600 "Vadim A. Misbakh-Soloviov" <[email protected]> wrote:
> Despite of all you're talking about is right from paranoid point of > view, I'd, anyway, say "DO NOT DO THAT", because you propose to > revoke the right of choice from the users. A "right of choice" from the user only makes sense if there is a reasonable choice. Just to take this to the extreme: Should we add a heartbleed-enabled version of openssl back to the portage tree? It's the choice of the user if they want to have heartbleed enabled, right? If there is no disadvantage for the more secure protocols then there is no need for a choice. > Moreover, there are some times where it is impossible to fetch > sources via "secure" way, but you need it right here and right now. This has been said before, also in the thread about the webpage. Can you say what times that would be? Basically these days it's not possible to use the mainstream internet without https (you can't search google or log into facebook without https). I'd really like to hear of any real world situation where this is an issue. -- Hanno Böck http://hboeck.de/ mail/jabber: [email protected] GPG: BBB51E42
pgpQ0bCBb3afe.pgp
Description: OpenPGP digital signature
