Joerg Sonnenberger via llvm-dev
2017-Jan-15 14:19 UTC
[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
On Fri, Jan 13, 2017 at 04:07:48PM -0500, James Y Knight via llvm-dev wrote:> But beyond that: there's no downside. Why should *anyone* continue to serve > http traffic? It's just all around better and safer to require https, for > everything, always.I take you haven't tried to use WiFi at UK airports or coaches recently? There are a lot of other places with completely broken "transparent" proxies and forcing HTTPS (especially in combination with HTST) makes the network unusable. Joerg
James Knight via llvm-dev
2017-Jan-15 21:25 UTC
[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
On Jan 15, 2017, at 9:19 AM, Joerg Sonnenberger via llvm-dev <llvm-dev at lists.llvm.org> wrote:> On Fri, Jan 13, 2017 at 04:07:48PM -0500, James Y Knight via llvm-dev wrote: >> But beyond that: there's no downside. Why should *anyone* continue to serve >> http traffic? It's just all around better and safer to require https, for >> everything, always. > > I take you haven't tried to use WiFi at UK airports or coaches recently? > There are a lot of other places with completely broken "transparent" > proxies and forcing HTTPS (especially in combination with HTST) makes > the network unusable.No, I haven't had the pleasure recently, so I'm not aware of what you're talking about. But, whatever the case is there, I don't think that's an argument for continuing to serve http, especially for a small site like llvm. At this point, almost all of the major/popular sites on the internet (facebook.com, google.com, amazon.co.uk, wikipedia.org, github.com, yahoo.com, ...), already force https. So, if UK airport WiFi doesn't work with https, and therefore doesn't work with a majority of the popular sites, well...I hardly see how they can claim to be providing WiFi service at all, at this point. Any such network is going to be, in the eyes of most users, simply useless and broken.
Joerg Sonnenberger via llvm-dev
2017-Jan-15 22:30 UTC
[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
On Sun, Jan 15, 2017 at 04:25:16PM -0500, James Knight wrote:> On Jan 15, 2017, at 9:19 AM, Joerg Sonnenberger via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > On Fri, Jan 13, 2017 at 04:07:48PM -0500, James Y Knight via llvm-dev wrote: > >> But beyond that: there's no downside. Why should *anyone* continue to serve > >> http traffic? It's just all around better and safer to require https, for > >> everything, always. > > > > I take you haven't tried to use WiFi at UK airports or coaches recently? > > There are a lot of other places with completely broken "transparent" > > proxies and forcing HTTPS (especially in combination with HTST) makes > > the network unusable. > > > No, I haven't had the pleasure recently, so I'm not aware of what you're talking about.You said there is no downside. I've demonstrated a situation people can face right now where it can make a website unusable. Don't handwave away the cost of forcing HTTPS, it adds overhead for all involved parties. Don't get me wrong, I'm all for properly supporting HTTPS everywhere, but it is not without downsides. Joerg
Maybe Matching Threads
- [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
- [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
- [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
- Can't build libcxx alone, it requres libcxxabi
- [LLVMdev] [ exception_ptr ] libcxx doesn't cope well with libcxxabi under linux