> Am 30.08.2016 um 09:52 schrieb Hans Hagen <[email protected]>: > > On 8/30/2016 9:23 AM, Martin Schröder wrote: >> 2016-08-30 9:05 GMT+02:00 Taco Hoekwater <[email protected]>: >>> www.luatex.org (we could do that, we just never needed it, so why >>> spend money). >> >> They are free now: Let's Encrypt. :-) > > we have no secrets
https should be the default. I don't buy this 'we have no secrets' argument, as the provider cannot judge in all cases if submitted/requested data is perfectly non-sensitive. Using unencrypted connections on a public wifi for example can be dangerous. There are so many reasons against unencrypted connections, and only very little against encrypted ones. Two sites with arguments: https://https.cio.gov/everything/ https://developers.google.com/web/fundamentals/security/encrypt-in-transit/why-https To protect the integrity of TeX and friends distributions we should never rely on unencrypted connections. But this is getting off-topic, I guess. Patrick
