X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=KmFse+pkeaPO6M5p ol1enmjSd16/ErQ+TjYv3rieP+mCUmSJwI7LTVqPkGeXOVxHVTD0r7Iu7PfiGphq quBZ0JGDxCUaMx+X7Oorny8ckbqqpy3rYM21deXGQ85EFjiRaEJfw1iYxgwceoF6 N45c6dmO/LtZzZbFfquqNv4txN8= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; s=default; bh=QUKPgzTrMeDw0R75y8DjbC ktz1Q=; b=Mb2zRp1JdNnKGimSSeJWVRggpCzsWBNBMj0cMyDuSd4rf3W71CFwWp TxmghZz548su7lZwOvjb307mH0k0/zf8ZTCSejXTPWa9hskTrwjUEGmRQlTjnJf7 rMbEamKKAwoali6sD9wnQsGRsG6HRDAP0ceU1KizBTMA5TPpPJJig= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=4.1 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2 spammy=H*UA:Bat!, H*x:Bat!, H*r:sk:postmas, H*UA:Home X-HELO: smtp.ht-systems.ru Date: Mon, 25 Apr 2016 16:05:17 +0300 From: Andrey Repin Reply-To: cygwin AT cygwin DOT com Message-ID: <1591620976.20160425160517@yandex.ru> To: Adam Dinwoodie , cygwin AT cygwin DOT com Subject: Re: Proposed patch for web site: update most links to HTTPS In-Reply-To: <20160425124332.GO2345@dinwoodie.org> References: <1074467721 DOT 20160425030008 AT yandex DOT ru> <48360918 DOT 20160425084918 AT yandex DOT ru> <20160425124332 DOT GO2345 AT dinwoodie DOT org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Greetings, Adam Dinwoodie! > Secure connections historically had a high overhead, sure, but that's > very rarely the case nowadays. Certainly my experince of loading the > Cygwin web page is that there's no perceptible difference between the > http and https versions. Adam Langley (a senior engineer at Google) > wrote an article back in 2010 about how TLS is now computationally > cheap[0]; it's only gotten cheaper since. Typical marketing bullshit. > [0]: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html > See also https://istlsfastyet.com/, which has a lot of discussion about > the impacts of TLS, but the short answer is "yes". If YOUR experience was positive, mine was always negative, especially with cygwin.com, down to being forced to switch to plain HTTP to even load any page. > At the very least, the Cygwin website should be using protocol- > independent links, meaning users accessing the website using https > aren't switched to http when they click on a link That was my point, exactly. > (i.e. link to > "//cygwin.com/path/to/page" rather than "https://cygwin.com/..." or > "http://cygwin.com/..."). Just /path/to/page is enough. Even necessary considering cygwin.com is multi-domain site. > But I agree with Brian: the Cygwin website should use https everywhere > unless there's some good, specific reason why it's a bad idea. And "TLS is > slow" hasn't been a good reason for years. See above. -- With best regards, Andrey Repin Monday, April 25, 2016 16:01:59 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple