Does anybody know of code hosting for bzr that is not Launchpad?
Robert Collins
robert.collins at canonical.com
Tue Oct 18 02:13:56 UTC 2011
On Tue, Oct 18, 2011 at 3:03 PM, Martin Pool <mbp at canonical.com> wrote:
> The currently popular approach is to just use ssl all the time and not
> take the risk of leaking something. In fact I think SPDY has no
> option for unencrypted connections. So it turns out at least in this
> aspect lp was right all along.
>
> Unauthenticated pages are served (eg to spiders) unencrypted.
They are? I'd be amazed, we redirect everything except feeds (for now) to https.
To add to the SSL aspect: we have lots of private data: email
addresses, security embargoed uploads for Ubuntu, bugs with personal
data, and lots of security sensitive functions: choosing what goes
into Ubuntu, for instance.
We need to make it fast over SSL for all those functions :)
-Rob
More information about the bazaar
mailing list