Re: [dev] Some suckless hackathon 2017 preparation

On 2017-09-01, Silvan Jegen wrote: > On Fri, Sep 01, 2017 at 08:40:34AM -0400, Carlos Torres wrote: >> > On Aug 30, 2017, at 2:07 PM, Silvan Jegen wrote: >> > >> > * Wayland dwm prototype? >> > * Suckless Wayland client library prototype? >> >> I think

Re: [dev] Some suckless hackathon 2017 preparation

I don't know if it's possible, but a suckless issue tracker would be a god-send. On Fri, Sep 1, 2017 at 12:06 PM, Silvan Jegen wrote: > On Fri, Sep 01, 2017 at 08:40:34AM -0400, Carlos Torres wrote: >> > On Aug 30, 2017, at 2:07 PM, Silvan Jegen wrote: >>

Re: [dev] Some suckless hackathon 2017 preparation

On Fri, Sep 01, 2017 at 08:40:34AM -0400, Carlos Torres wrote: > > On Aug 30, 2017, at 2:07 PM, Silvan Jegen wrote: > > > > * Wayland dwm prototype? > > * Suckless Wayland client library prototype? > > I think Michael Forney has already addressed these issues. Yes, I am

Re: [dev] suckless.org TLS / HTTPS support

On 1 September 2017 at 17:05, Janne Heß wrote: > If you set the HSTS header for HTTPS connections, people will > automtically redirected to HTTPS if they visited once. > This would give an improved security because browsers would > automatically redirect to HTTPS while you

Re: [dev] suckless.org TLS / HTTPS support

If you set the HSTS header for HTTPS connections, people will automtically redirected to HTTPS if they visited once. This would give an improved security because browsers would automatically redirect to HTTPS while you could still telnet/curl it without having to use HTTPS. On 09/01/2017 04:52

Re: [dev] suckless.org TLS / HTTPS support

On 1 September 2017 at 10:33, Laslo Hunhold wrote: > Having given this a lot of thought over the last few days, I think > going with the redirect is the proper approach. The redirect is infantalizing the visitor. If I open a http:// URL I'm aware of the implications. Please end

Re: [dev] suckless.org TLS / HTTPS support

On 1 September 2017 at 10:15, ilf wrote: > No, I am serious. Users, who think HTTPS sucks, shouldn't use HTTP euther, > because that sucks, too. The choice shouldn't be HTTPS or HTTP, but HTTPS or > Gopher. But please let HTTP die. Gopher is long dead, only some

Re: [dev] Re: suckless.org TLS / HTTPS support

The web is now 60 % HTTPS: https://letsencrypt.org/stats/ If your middleboxes can't handle suckless.org, they have bigger problems. Rubén Llorente: Reason 1 is that https prevents content from being properly cached by ISP proxies or LAN proxies. Reason 2 is that https prevents content from

Re: [dev] Some suckless hackathon 2017 preparation

Hello, > On Aug 30, 2017, at 2:07 PM, Silvan Jegen wrote: > > * Wayland dwm prototype? > * Suckless Wayland client library prototype? I think Michael Forney has already addressed these issues. And many others. —Carlos

Re: [dev] suckless compromised?

On Fri, Sep 01, 2017 at 01:14:05PM +0200, hiro wrote: > On the website i just found the following information (not distributed > via mailing list either): > > "The suckless.org project is now hosted on a new server. All inactive > accounts have been removed during the relocation. > > Please note

Re: [dev] Opinions on GNU stow

In fact, I was thinking of writing a GNU Stow drop in replacement in Suckless-style C when I find some time (GNU Stow is written in Perl, I believe). I am always a bit confused when I hear about GNU stow. Does it provide more feature than this: ETC=$(cd "${0%/*}" && pwd) find "$ETC" -name

[dev] Re: suckless.org TLS / HTTPS support

Laslo Hunhold wrote: > I honestly agree with you. There's no reason not to use HTTPS Reason 1 is that https prevents content from being properly cached by ISP proxies or LAN proxies. It might not sound like a big deal, but if you are pressed up because of the lack of resources,

[dev] suckless compromised?

On the website i just found the following information (not distributed via mailing list either): "The suckless.org project is now hosted on a new server. All inactive accounts have been removed during the relocation. Please note that the new ECDSA key fingerprint is

Re: [dev] suckless.org TLS / HTTPS support

> So given the usual use cases, I think in our context nah, speak for yourself. your usecase and crappy software environment is irrelevant to all other people you're concerned about.

Re: [dev] suckless.org TLS / HTTPS support

btw, next you have to stop using plaintext mailinglists. we need a blockchain obviously.

Re: [dev] suckless.org TLS / HTTPS support

your 99% is bullshit. 99% of all people don't care to encrypt the silly suckless website specifically. the 1% that does can just type the https manually, what's the fucking big deal? On 9/1/17, Laslo Hunhold wrote: > On Fri, 1 Sep 2017 10:15:24 +0200 > ilf

Re: [dev] suckless.org TLS / HTTPS support

On Fri, 1 Sep 2017 10:15:24 +0200 ilf wrote: Dear ilf, > No, I am serious. Users, who think HTTPS sucks, shouldn't use HTTP > euther, because that sucks, too. The choice shouldn't be HTTPS or > HTTP, but HTTPS or Gopher. But please let HTTP die. > > In the current setup,

Re: [dev] suckless.org TLS / HTTPS support

ilf writes: > In the current setup, users who type the domain suckless.org into their > URL get HTTP cleartext. I think these users should get HTTPS. Just print a big ugly warning over HTTP: "HTTP is not supported. Update your bookmarks." It's the only step that will lead people both to change

Re: [dev] suckless.org TLS / HTTPS support

No, I am serious. Users, who think HTTPS sucks, shouldn't use HTTP euther, because that sucks, too. The choice shouldn't be HTTPS or HTTP, but HTTPS or Gopher. But please let HTTP die. In the current setup, users who type the domain suckless.org into their URL get HTTP cleartext. I think

Re: [dev] Opinions on GNU stow

On Thu, 31 Aug 2017, Matthew Parnell wrote: > I do use GNU Stow myself; however, only as a tool to provide a nice > wrapper to link my dotfiles from a git repo to where they ought to be. Same here. I haven't found any less-silly solution to date. Dropping the Perl dependency

Re: [dev] suckless.org TLS / HTTPS support

On 31 August 2017 at 21:10, ilf wrote: > hiro: >> >> this is not about just whether something has TLS support, this is about >> giving the user choices. > > > If you can't speak TLS, then use gopher instead of HTTP. I hear HTTPS sucks, > too. Come on, isn't this a