"Beginning in July 2018 with the release of Chrome 68, Chrome will mark all
HTTP sites as “not secure”."
any mirror that still uses just http, not https, pkg_* should only allow https
also, default redirect to HTTPS should be advisable
HTTPS would provide integrity, privacy, authenticity.
Have a great weekend!
ps.: OpenBSD team is great! I am just advising that it would be better to use
> Sent: Thursday, February 08, 2018 at 12:37 AM
> From: "Charlie Eddy" <charlie.e...@occipital.com>
> To: jer...@fuckthensa.nl
> Cc: "Jonathan Thornburg" <jth...@astro.indiana.edu>, firstname.lastname@example.org
> Subject: Re: OpenBSD Foundation on HTTPS
> Hello Jonathan Thornburg,
> That is quite simple. The post will work.
> On Wed, Feb 7, 2018 at 6:42 AM, Jeroen <jer...@fuckthensa.nl> wrote:
> > With HTTPS, can you be sure that the server isn't comprimised? With or
> > without HTTPS, it's always a good idea to check wether the address is
> > correct (a foundation has to be registered and at other places).
> > On Wed, 2018-02-07 at 14:40 +0100, Jonathan Thornburg wrote:
> > > From http://www.openbsdfoundation.org/donations.html :
> > > > Donations may be made by cheque in CAD/EUR/USD funds to:
> > > >
> > > > The OpenBSD Foundation
> > > > 8101 160 Street
> > > > Edmonton, Alberta, Canada
> > > > T5R 2G9
> > >
> > > Without https, how can one verify that that is the correct address?
> > >
> > >