On Mar 24, 2012, at 22:00, Ryan Stonecipher wrote: >> From: Ryan Schmidt <ryandes...@macports.org> >> >> Anywhere we list http URLs where https is available, just switch it to >> https; don't even mention that http is also available. That's what I've been >> doing in other cases.
> Is SSL necessary for end users syncing their local checkouts in a > read-only operation, for committers submitting revisions, or for both? > I could see benefits to ensuring commit operations are secure, but > have doubts about checkouts. > Encoding and decoding data burns CPU cycles and in turn watts; if the > data transferred in a checkout operation is neither private nor > sensitive, is the increased energy cost justified? We don't require SSL for anything. But I think it's a good idea to use it. Some http proxies mangle WebDAV (i.e. Subversion) requests; by using https, we ensure proxies aren't able to interfere with the transmission; by recommending users use https, we avoid some support emails. github serves all pages https; seems to work for them. _______________________________________________ macports-dev mailing list macports-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
