[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
Mike Edwards via llvm-dev
llvm-dev at lists.llvm.org
Tue Dec 18 22:24:55 PST 2018
Hi,
I know this thread is quite old, however, I am about to start working on:
https://bugs.llvm.org/show_bug.cgi?id=39309 and I couldn't quite tell if
there was any real consensus reached in this thread? Are folks okay with
me changing the Apache configs to force a redirect to HTTPS for all of the
llvm.org landing pages? Honestly, just from an administration standpoint
it would be much easier if I could make everything work the same way. I
understand it will incur some overhead processing costs for some people and
I'm sorry for any inconvenience. I feel, in this case, the simplicity of
maintaining a single configuration outweighs the the burden of connecting
over HTTPS. Thoughts?
Thanks,
Mike
On Sun, Jan 15, 2017 at 2:31 PM Joerg Sonnenberger via llvm-dev <
llvm-dev at lists.llvm.org> wrote:
> On Sun, Jan 15, 2017 at 04:25:16PM -0500, James Knight wrote:
> > On Jan 15, 2017, at 9:19 AM, Joerg Sonnenberger via llvm-dev <
> llvm-dev at lists.llvm.org> wrote:
> > > On Fri, Jan 13, 2017 at 04:07:48PM -0500, James Y Knight via llvm-dev
> wrote:
> > >> But beyond that: there's no downside. Why should *anyone* continue to
> serve
> > >> http traffic? It's just all around better and safer to require https,
> for
> > >> everything, always.
> > >
> > > I take you haven't tried to use WiFi at UK airports or coaches
> recently?
> > > There are a lot of other places with completely broken "transparent"
> > > proxies and forcing HTTPS (especially in combination with HTST) makes
> > > the network unusable.
> >
> >
> > No, I haven't had the pleasure recently, so I'm not aware of what you're
> talking about.
>
> You said there is no downside. I've demonstrated a situation people can
> face right now where it can make a website unusable. Don't handwave away
> the cost of forcing HTTPS, it adds overhead for all involved parties.
> Don't get me wrong, I'm all for properly supporting HTTPS everywhere,
> but it is not without downsides.
>
> Joerg
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20181218/0de34361/attachment.html>
More information about the llvm-dev
mailing list