Re: [PLUG] The lock down?! Uhh.. why?

Charlie Li via plug on 20 Sep 2019 09:22:32 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] The lock down?! Uhh.. why?

From: Charlie Li via plug <plug@lists.phillylinux.org>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] The lock down?! Uhh.. why?
Date: Fri, 20 Sep 2019 12:22:18 -0400
Autocrypt: addr=ml+PLUG@vishwin.info; prefer-encrypt=mutual; keydata= mQINBFt7iHUBEADCorTixbMGuHd9WYSKCELlv/TFcRtvpHUw/n9LtXzKixUUwl7iuMFMYTz3 QXePX0Twq4jCQYySfcxWbPkLsSYlPOkaGQ+XytfmIHoqG5ba4i1fp+F41is0oCtLt1+oL84j NKUd13em/JWd+PJeQbSTVnHbT2yaAi7vqWw5WKVaMExjfPGU5TArV46wSRU6Zuy1ZX66q0q5 dPzeBdeKYWJE8aGtyi3pYUpKUOX4gxiNetf6leDFZ4OsexWaRdU0n8fId5d1qwjAE3lOwV5z 0Ilt8t4iXtX3JL3DAQyLZIeXHIg9O3rrpPMXQWSp2/5g39PohNk7farbhcpIKxuDN+L5N6U9 OxNHBSCv9FGDO4R/mw3YwJCovDzsF7RSyXQDIY36yjdh2uTLZ0uD5Ci/DPmJUySFLRvpqWnQ M7V5cYhdqDfcElGpRbi8JZQVYRJjvI5Jj0byG98KeaD0YFxKqmmm+Oh+xWXE7xt/DsBoZeZJ BFP84LvFbwQqprvI+sg+1z2+JIgNbYwl8VaYzfyGnqTEXTOsQYEKTdKA9MODSAsN31MlQICe CIHZV+OwOqH1KQ/mZp59AnpXAmj4T94bnahE9yJtVW/qglX/nTeFNUdu5MyEgkeB0x7mx+t0 3hE20yp/NbyvG1T/o53NHwHiURC/8Fxd1NWPZ6n4X8npQn6iyQARAQABtDVDaGFybGllIExp IChQTFVHIG1haWxpbmcgbGlzdCkgPG1sK1BMVUdAdmlzaHdpbi5pbmZvPokCTgQTAQgAOBYh BP9/wqq+WvuNT2xG/o5weN7yA6tsBQJbe4r8AhsjBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA AAoJEI5weN7yA6tst3QP/0Ys2iQ8n1nSpYp2khFmyynQMMLIjXeTSnzfF5SI2/cVvTcp2mFD fNH1RaSD6dfvlEDXaf3ycTQt5meDyf0VPCPl+ljNw8jGuCMRocQSQ6sEY2lWYQa5LVUtz5ff NCjOnHXoccqKaJC4G3aT51zR3PxEuR1RNLJCxYr6UyPcrLokZNSpBNwEJ3jbMLaz8JsU2j+N oe2mgqNxwkwIa8+vC4IZPwctCRDS3Dfm10ixX3fwVaNGciU3/D9vK6n6xckgzLwyYC0YFaJ4 9KF+7GjNf2lWZwYfEOKqv1hQvNRnBF/6aG9SzE33tYvjSDW38XTI3m/taC+bw7C5EkbwbJrb Y/YJBWzff2PqxG3Jh72++phcC7KVZHUetvupiqXsKhzYwbExE6FN3xSlcLipDtwLv+67sF9/ cwCJBZKYAfLaYYDlPAhffI5kjqYvTEF1bTooUPGjCSduXE4PGQsC9H40ybhQ9xYdIqp84+Td 4lP6rsBENG7hzNr+hYJY7hsovUYqYF7MxwXKk9yLP4TRFkLqS/vlk+0BHo8O9sMESfLpLupX pVI8BX5y5iODz17mMRCrJIXeBN3OU0ovZjRWGB/N4ebtyHmneEsf7JFL7PV+B5oGUNMKDDau hHQN4SIOuRZgqLh15knMQOMwsBZuAbK3UIzb1wZCN2kEawRoxEETqU4OuQINBFt7iHUBEADX Ze2BxvCTsh2xGL/uxMUqzveqgUWr4NRbAxtK4g5pbDkn2dn6i+v2CReVrH7F/ffmEnSIi0Hw uEDsP3APjCOuaYGOHAruNi+2CFvwEfowdYRYPkP3G3jsI7ijxWLWb8Xg6UrGgOoiEfqfreA1 5I1pfOoOlmhSwvrYpf6wopRR2P9f+jPdfBdYJv+sQiAAwxbtAVy5AEnOQeC7r2hRIiSLiPWa EAyIFsZ7F9LV1xN+ksCv166MM0c7DmvtojhwDyru6zxh8MtvLzuE+VKu1MpzGRtrCt0U2zoo 2sS+CCReFjEaqbhnQUieLFpq+WiKYF/WruS9UzQACCyaR155L/pPNufvVYG4RbRWARxJIFLV 2/sN+CZ5B6JKa/QO/HaVm/k/ozhD+mVIDPuFVcvoQgqW3AlSNjxF7vMNs9/uMmVsSBZsvFGG UaHkzCs1dsy3orKANFwPI4+ePGDT4gJdtDI8qKruNljb9D/Hw/TzE3HyxQo9j5cToblBWiFB 97ctP2zXkoz7VSvi/ceFt+0e1NbWJPrQeTJT2pEIkkLXU6AfvCt+K5wbf95AqAGC+x8oMPfq smaxCmQ7T+SSnpH4LMtvLdc+usVglMKvTx7lBYoo93I28CG7JCPbstvsSE3F7eGalX6WXHRp o323Uz5Bnzx9qYw6AiWns2HW4Wv9zlYZlQARAQABiQI2BBgBCAAgFiEE/3/Cqr5a+41PbEb+ jnB43vIDq2wFAlt7iHUCGwwACgkQjnB43vIDq2xMZw//asEi+B4qKyZlBCfuQk4fCCapeD83 kCvA8fd4ImbOY1lZQiU5nKUDYq1iGTNnkbeuwv8EyYy5hFRs8klS6RolKoV6nUToBZg8LxJ5 qSG7VlsrxrIEjgpmY/7c9BhLS0rIyXFf5C335L+1xCpLfWYyCZxWFWEqLwytaNj6DukX4uQF hxwe42IY0hybyYw8dMgpTvYBGIbcO0etGDix/nCqA6LvbbvuMEd0MEbDRjusK8yxoabcbgaw zCPh7jsfo8AU5Yrs7r2a68ujnSgw3auQ+L70Ao+LxZyuKey2V4QbIQjKC5FqANCNk/mBf1eT m+RLr7EyAq3v6Tv4PeNYqVZHob1TQLIqZUmh42rAdR0ugUPeXLCPBP2+j5ypviBAqdmwDWyz 9Y68SngRo1JHskcU5jlfwA1CCI/EuGtsjsU8ZcrDdjucKlwiXMWmHpQv2OE1HC+hDcZ9nSwX QmCkBJ2tLg3cWae30vqVzeqsivEM+kONjBwMRQGXSyn+muOHeB0Leqz3FnRE1ZZ1Spya9G/Z IOStUPDeJD1aExla5BgGYZoxWLKlrpauOOVVOOpl+1nKrK2cfC6jU8D+otwX+9RSfRAcU8gP Hz/JNKqLD/FPA+44XHOceMlVvEQQbQfmuat6HVnRZ4zCxJuMLcQR/5kjf1CkXBUgbykPBcU4 KV+GMXM=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed; d=vishwin.info; h=subject :to:references:from:message-id:date:mime-version:in-reply-to :content-type; s=fuccboi12; bh=zbbH4FI/v27B57yS7rl9tKpwWIBC8dg6G E9fF3nYqZo=; b=BCUJ+L8epKlxZopjXkbm2JZY38GF+LtXiNRU+ticg+vwgu2aP V4RSemyGdokBslH31fJjpgXXQz5ty6FzseS44xU+GTGCe44xz0awDi/ID7Uv5HRX SM0JRw0H9F23TPQQmD6vWVgwXUBKzBOBVNBq0a8a7d2z3m32EQAsCJfwNSMU9Bfr yqFt+wHr/Qv51oS4Kaay0puPUyL5EYwKHGNzYr8h7DVFN8usSwlYLOhOpju+Jto/ Iin0G/Sk8WR+dfS6Mm6CtaftBsNLS2Csf8fXWPnyk0BqW2nLZAzJtfHq+JnpVI9n KnKufU4QGGa7FUeMpYN89M3+NPe1QiycbAQ8Q==
Organization: PLUG mailing list
Reply-to: Charlie Li <ml+PLUG@vishwin.info>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0

Joe Rosato via plug wrote:
> If you work with either RHEL or OracleLinux - has anyone noticed the
> recent push for https for repos?
> 
> What is the thinking here? Can't tell if I'm just old school or if this
> is.. well.. bad. The gpgcheck for signatures covers fears of
> bogus repos. Why add https?
> 
To add to Drew's cargo cult point (replying here because Drew cut all
the context), the popular browsers have been increasingly pushing for
HTTPS everything to the point where regular HTTP is more onerously
flagged than before. This then causes lesser-informed people to panic
when coming upon an HTTP endpoint, especially when it comes to a
software repository.

Personally, I'd prefer offering both HTTP and HTTPS without nudging one
over the other. Repressive environments and countries love to
man-in-the-middle HTTPS as a cheap way to monitor and deny data transfer
from "unapproved" sources.

-- 
Charlie "got eem" Li

(This email address is for mailing list use only; replace local-part
with vishwin for off-list communication)

Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] The lock down?! Uhh.. why?
  - From: Joe Rosato via plug <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] The lock down?! Uhh.. why?
Next by Date: [PLUG] browser stuff, resources
Previous by thread: Re: [PLUG] The lock down?! Uhh.. why?
Next by thread: Re: [PLUG] The lock down?! Uhh.. why?
Index(es):
- Date
- Thread