* FTP,HTTP → HTTPS in Emacs doc and code
@ 2017-09-13 23:58 Paul Eggert
2017-09-14 12:20 ` Philippe Vaucher
2017-09-14 20:50 ` Richard Stallman
0 siblings, 2 replies; 5+ messages in thread
From: Paul Eggert @ 2017-09-13 23:58 UTC (permalink / raw)
To: Emacs development discussions
Inspired by the impending decommissioning of ftp://ftp.gnu.org due to
security concerns, I went through the Emacs master branch and changed
these FTP URLs to https://ftp.gnu.org. While I was at it, I did the
much-bigger task of changing http: to https: for most gnu.org and
fsf.org URLs. (I ran out of energy before doing the MS-Windows files,
and I hope someone else can take up the slack there.)
Although the web pages in question are not secret, plain HTTP is
vulnerable to malicious routers that tamper with responses from GNU
servers, and this sort of thing is all too common when people in some
other countries browse US-based websites. See, for example:
Aceto G, Botta A, Pescapé A, Awan MF, Ahmad T, Qaisar S. Analyzing
internet censorship in Pakistan. RTSI 2016.
https://dx.doi.org/10.1109/RTSI.2016.7740626
HTTPS is not a complete solution here, but it can be a significant help.
The GNU project regularly serves up code to users, so we should take
some care here.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: FTP,HTTP → HTTPS in Emacs doc and code
2017-09-13 23:58 FTP,HTTP → HTTPS in Emacs doc and code Paul Eggert
@ 2017-09-14 12:20 ` Philippe Vaucher
2017-09-14 14:31 ` Paul Eggert
2017-09-14 20:50 ` Richard Stallman
1 sibling, 1 reply; 5+ messages in thread
From: Philippe Vaucher @ 2017-09-14 12:20 UTC (permalink / raw)
To: Paul Eggert; +Cc: Emacs development discussions
[-- Attachment #1: Type: text/plain, Size: 579 bytes --]
> Inspired by the impending decommissioning of ftp://ftp.gnu.org due to
> security concerns, I went through the Emacs master branch and changed these
> FTP URLs to https://ftp.gnu.org. While I was at it, I did the much-bigger
> task of changing http: to https: for most gnu.org and fsf.org URLs. (I
> ran out of energy before doing the MS-Windows files, and I hope someone
> else can take up the slack there.)
>
Sorry if I'm being dense here, but isn't this simply a matter of running
`sed -i` recursively and changing all the link at once with the appropriate
regex?
Philippe
[-- Attachment #2: Type: text/html, Size: 1084 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: FTP,HTTP → HTTPS in Emacs doc and code
2017-09-14 12:20 ` Philippe Vaucher
@ 2017-09-14 14:31 ` Paul Eggert
0 siblings, 0 replies; 5+ messages in thread
From: Paul Eggert @ 2017-09-14 14:31 UTC (permalink / raw)
To: Philippe Vaucher; +Cc: Emacs development discussions
Philippe Vaucher wrote:
> Sorry if I'm being dense here, but isn't this simply a matter of running
> `sed -i` recursively and changing all the link at once with the appropriate
> regex?
I used Emacs instead of sed -i, but yes that's a good way to start. However,
there are some exceptions (both false positive and false negatives) so the
result needs to be hand-checked. Among other things, I left the
http://lists.gnu.org URLs alone for now because I was being cautious: while
testing all this I found that those URLs are served by an older host that does
not support TLS 1.1 or 1.2 yet (I have opened a trouble ticket for that...).
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: FTP,HTTP → HTTPS in Emacs doc and code
2017-09-13 23:58 FTP,HTTP → HTTPS in Emacs doc and code Paul Eggert
2017-09-14 12:20 ` Philippe Vaucher
@ 2017-09-14 20:50 ` Richard Stallman
2017-09-17 3:46 ` Paul Eggert
1 sibling, 1 reply; 5+ messages in thread
From: Richard Stallman @ 2017-09-14 20:50 UTC (permalink / raw)
To: Paul Eggert; +Cc: emacs-devel
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
Thanks for making those changes.
--
Dr Richard Stallman
President, Free Software Foundation (gnu.org, fsf.org)
Internet Hall-of-Famer (internethalloffame.org)
Skype: No way! See stallman.org/skype.html.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-09-17 3:46 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-13 23:58 FTP,HTTP → HTTPS in Emacs doc and code Paul Eggert
2017-09-14 12:20 ` Philippe Vaucher
2017-09-14 14:31 ` Paul Eggert
2017-09-14 20:50 ` Richard Stallman
2017-09-17 3:46 ` Paul Eggert
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.