[aur-general] Securing the AUR website

Cédric Girard girard.cedric at gmail.com
Thu Sep 1 14:36:34 EDT 2011


On Thu, Sep 1, 2011 at 8:15 PM, Gordon JC Pearce <gordonjcp at gjcp.net> wrote:

> I don't really understand why it's so important to break existing links by
> forcing everyone onto the https page.
>

And what in rewriting http://aur.archlinux.org/foo into
https://aur.archlinux.org/foo is breaking links ?


>
> What happens if you *don't want to use https*?
>

I still have difficulties to understand why people would like to purposely
avoid using https. Do you ask the admin of the server you have to connect
to, to enable rlogin to be able to connect to there server insecurely as
well ?

-- 
Cédric Girard


More information about the aur-general mailing list