X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:content-type:mime-version:subject:from :in-reply-to:date:content-transfer-encoding:message-id :references:to; q=dns; s=default; b=jbr7RC/h5CBsxARzSuX6KcbtTvU+ RFHI+lCpo0Bdg6ry6mkFgq3xQPa0Y/bTwD12a8AZbdFeftLkIrYiy/fZrl5mLAsY d7SZ4236GzezemQ+UVTVLQvNd84twx8L8BYhdiOHBXfmdyxLs14tVbgV2xQZHei/ FdelQBDKpKkIEYs= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:content-type:mime-version:subject:from :in-reply-to:date:content-transfer-encoding:message-id :references:to; s=default; bh=4c1WTzvHJ/8nWaeAG/2S6H6FhLY=; b=ZH ZnGNkljRs1oF3ZDOOkECElR2kNcEvfkmCv7sxnsqmr85H4luZkVTo9dAVDywXyHi Rao3fcRnwW9uf0BBmrhG/ohJfd33rH618szXORkV6dlZ/UljGKC1nM4tVK9fw8xb jgBmShANH57i6D+mxsc2yQUtdnff5iNg7A3phs/0A= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=0.8 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 spammy=Adam, Dinwoodie, dinwoodie, encrypting X-HELO: gproxy4-pub.mail.unifiedlayer.com X-Authority-Analysis: v=2.1 cv=aJ5j99Nm c=1 sm=1 tr=0 a=x/h8IXy5FZdipniTS+KQtQ==:117 a=x/h8IXy5FZdipniTS+KQtQ==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=CnPQkyIfcMwA:10 a=xmZoPxhebIwA:10 a=kziv93cY1bsA:10 a=jJwwl4nsAAAA:8 a=msddSgpGSyzgFRjey0EA:9 a=QEXdDO2ut3YA:10 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Subject: Re: Proposed patch for web site: update most links to HTTPS From: Vince Rice In-Reply-To: <0D835E9B9CD07F40A48423F80D3B5A702EAF3FBD@USA7109MB022.na.xerox.net> Date: Mon, 25 Apr 2016 14:58:56 -0500 Message-Id: <44C9F285-6E2A-4111-BBDE-957A6E4B4581@solidrocksystems.com> References: <20160425124332 DOT GO2345 AT dinwoodie DOT org> <0D835E9B9CD07F40A48423F80D3B5A702EAF3FBD AT USA7109MB022 DOT na DOT xerox DOT net> To: "cygwin AT cygwin DOT com" X-Identified-User: {3986:box867.bluehost.com:solidrr2:solidrocksystems.com} {sentby:smtp auth 192.154.176.197 authed with vrice AT solidrocksystems DOT com} X-IsSubscribed: yes Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id u3PJxUbV015958 > On Apr 25, 2016, at 2:33 PM, Nellis, Kenneth wrote: > > -----Original Message----- > From: Adam Dinwoodie >> ... >> But I agree with Brian: the Cygwin website >> should use https everywhere unless there's some good, specific reason >> why it's a bad idea... > > 1. Did Brian say that? I couldn't find it in the thread. > 2. I would be interested to hear the rationale for such a statement. > Cygwin is open source. What's the point of encrypting? I’m not sure what being open source has to do with it. It should be encrypted for privacy. Frankly, from what we’ve seen in the last couple of years, plain http: should disappear. It should all be https. (And Adam is exactly correct on the performance; it is a non-issue today and has been for years.) -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple