Uh, there’s no “SSL” anymore. The newer versions of SSL have been “TLS” since
the end of the nineties. https://en.wikipedia.org/wiki/Transport_Layer_Security
That being said, the suggested change here is to require HTTPS for www.cpan.org
by redirecting all plain-text HTTP requests to the HTTPS
On one hand SSL (especially openssl) has received a lot of negative
publicity about being insecure, so your proposal has merit.
The counter argument is that Perl and CPAN strive to be relevant for
ancient, old, young and brand-spanking-new installations. Forcing TLS would
likely break some older
> On Aug 31, 2017, at 19:44, James E Keenan wrote:
>
> To be honest, I had no idea what 'TLS' meant when I first read this message.
> So I can't say anything one way or the other about your proposal.
>
> I suspect I'm not alone in this. I would encourage you to post in a
On 08/31/2017 09:10 PM, Ask Bjørn Hansen wrote:
Hi everyone,
We’re considering how/how-much we can make www.cpan.org TLS-only.
http://log.perl.org/2017/08/tls-only-for-wwwcpanorg.html
I expect that we can’t make the whole site TLS-only without breaking some CPAN
clients, so the conservative
Hi everyone,
We’re considering how/how-much we can make www.cpan.org TLS-only.
http://log.perl.org/2017/08/tls-only-for-wwwcpanorg.html
I expect that we can’t make the whole site TLS-only without breaking some CPAN
clients, so the conservative version is to force TLS for
- any url ending in
5 matches
Mail list logo