From: Stefan Monnier <monnier@iro.umontreal.ca>
To: emacs-devel@gnu.org
Subject: Re: serving ELPA over HTTP/S
Date: Tue, 05 May 2015 13:38:40 -0400 [thread overview]
Message-ID: <jwvoalzx74q.fsf-monnier+emacs@gnu.org> (raw)
In-Reply-To: <87k2wn9ket.fsf@lifelogs.com> (Ted Zlatanov's message of "Tue, 05 May 2015 10:19:22 -0400")
> http://blog.codinghorror.com/should-all-web-traffic-be-encrypted/ or in
> the proposed HTTP 2.0 standard. You may disagree, but I think the burden
> of proof today should be on those who want to *disable* encryption.
I largely agree, but at the same time, we've been running without even
any kind of signature verification until very recently, and even Debian
works without https, so clearly it's not that big of deal.
> If the user doesn't have GnuPG installed (and we've agreed to treat that
> as an acceptable situation, right?),
I could agree to emitting a warning if neither of gnutls nor gnupg
are available.
And I don't see a good reason to let the user turn the warning off
(after all, she can turn it off by installing gnupg).
>>> 1) so ELPA archives can have multiple URLs. Assuming there's just one is
>>> not ideal in the long term.
SM> That's a separate issue, unrelated to http/https.
> And yet it would also be addressed by my proposal, so I think it's worth
> considering.
I'm not opposed, but I think it's much more complex than just using
https by default when it's available.
Having several URL with a failover from one to the other, opens up the
issue of timeouts and other forms of failures, which can be pretty ugly,
so will require more care in the implementation to make it work well
enough (after defining what "well enough" should be in this context).
Stefan
next prev parent reply other threads:[~2015-05-05 17:38 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-04 13:25 serving ELPA over HTTP/S Ted Zlatanov
2015-05-04 14:22 ` Stefan Monnier
2015-05-04 14:53 ` Ted Zlatanov
2015-05-04 15:41 ` Stefan Monnier
2015-05-04 16:01 ` Ted Zlatanov
2015-05-04 17:20 ` Ivan Shmakov
2015-05-04 19:16 ` Stefan Monnier
2015-05-04 19:54 ` Ted Zlatanov
2015-05-05 11:50 ` Stefan Monnier
2015-05-05 14:19 ` Ted Zlatanov
2015-05-05 14:53 ` Artur Malabarba
2015-05-05 17:38 ` Stefan Monnier [this message]
2015-05-04 14:42 ` Artur Malabarba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=jwvoalzx74q.fsf-monnier+emacs@gnu.org \
--to=monnier@iro.umontreal.ca \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).