[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
Jim Rowan via llvm-dev
llvm-dev at lists.llvm.org
Fri Jan 13 13:21:05 PST 2017
On Jan 13, 2017, at 3:13 PM, Stephen Checkoway via llvm-dev <llvm-dev at lists.llvm.org> wrote:
> As an added benefit, every connection tests your TLS configuration meaning that it's much easier to find problems such as expired certs. For example, https://llvm.org is using a cert with SHA-1 which it absolutely should not be doing in 2017. This shows up as insecure for me in Chrome.
This is one reason why blindly redirecting http to https is a bad idea. Unless you can be sure that everything everywhere is done correctly, you put clients through extra pain for content that doesn’t need the extra protection. (Note, I’m not arguing for or against this particular change … only pointing out that it isn’t free of consequences.)
Jim Rowan
jmr at codeaurora.org
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, hosted by the Linux Foundation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20170113/213e896d/attachment.html>
More information about the llvm-dev
mailing list