From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id cL51FXBIj1/2OQAA0tVLHw (envelope-from ) for ; Tue, 20 Oct 2020 20:28:32 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id gFNSEXBIj1/3AwAA1q6Kng (envelope-from ) for ; Tue, 20 Oct 2020 20:28:32 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id E2CF794051F for ; Tue, 20 Oct 2020 20:28:31 +0000 (UTC) Received: from localhost ([::1]:37288 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kUyFA-0000cr-R6 for larch@yhetil.org; Tue, 20 Oct 2020 16:28:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:53924) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kUyEz-0000cc-Ds for help-guix@gnu.org; Tue, 20 Oct 2020 16:28:17 -0400 Received: from lepiller.eu ([89.234.186.109]:38984) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kUyEv-0007Jr-K4 for help-guix@gnu.org; Tue, 20 Oct 2020 16:28:17 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 33cdc5ec; Tue, 20 Oct 2020 20:28:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:cc:from:message-id; s= dkim; bh=EqarkoEeWVAWbHtfXCF0Oq37FHzGU4dzckzuXz3tsU8=; b=SOkE7CP OfxoFgDxcByw0HG3anqNS8cr5yZuUBMWFr27bVYnYCK2apYmU/rgJoDBXohKWSnz OT9VqMpeRIKpJGKCeYxIQieotES59Ujd5E9u6dohaUkcHfj06ft+qM3eWaSzLpFT 2k7y7osUgZ15xln2eLLlJfzdyIx66jXirdSI+9WwaSLn9JvOw2hE0v7NADyn56aP PTbBAZL0gJCJR+njbLvYvm8gWuS+qR55oTjVAhKtzdbCyg/cBtkc1oAtbYhf/46M 4fehHESJ9t7GCT3tk/HANVdEoVMHBWpiZCRnSpClxaPIAU+/jJuN8Nr3U8wMW/Lf 25mGpLSOtgYHmdQ== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id ed3272d2 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Tue, 20 Oct 2020 20:28:06 +0000 (UTC) Date: Tue, 20 Oct 2020 15:57:28 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <871rhszqyy.fsf@dismail.de> References: <9b692ffdb5f2c36d1d180469b80d680a6124a30e.camel@divoplade.fr> <10F62E93-11E5-4287-A0A5-F671AAEBA6A7@lepiller.eu> <871rhszqyy.fsf@dismail.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: Certbot service: no http -> https redirection To: Joshua Branson From: Julien Lepiller Message-ID: <39E316D0-15EC-442A-9E00-C3D8916F1483@lepiller.eu> Received-SPF: pass client-ip=89.234.186.109; envelope-from=julien@lepiller.eu; helo=lepiller.eu X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/20 16:28:09 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: help-guix@gnu.org Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=lepiller.eu header.s=dkim header.b=SOkE7CP ; dmarc=fail reason="SPF not aligned (relaxed)" header.from=lepiller.eu (policy=none); spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: 0.09 X-TUID: C1LWxqwx+gD8 Le 20 octobre 2020 14:34:29 GMT-04:00, Joshua Branson a =C3=A9crit : > >Oh, now that you guys mention it, isn't a http to https re-direct a >potential security risk, via a man in the middle attack? How could it be worse than serving your site on http?