FTP,HTTP → HTTPS in Emacs doc and code

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FTP,HTTP → HTTPS in Emacs doc and code

From:	Paul Eggert
Subject:	FTP,HTTP → HTTPS in Emacs doc and code
Date:	Wed, 13 Sep 2017 16:58:44 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

Inspired by the impending decommissioning of ftp://ftp.gnu.org due tosecurity concerns, I went through the Emacs master branch and changedthese FTP URLs to https://ftp.gnu.org. While I was at it, I did themuch-bigger task of changing http: to https: for most gnu.org andfsf.org URLs. (I ran out of energy before doing the MS-Windows files,and I hope someone else can take up the slack there.)

Although the web pages in question are not secret, plain HTTP isvulnerable to malicious routers that tamper with responses from GNUservers, and this sort of thing is all too common when people in someother countries browse US-based websites. See, for example:

Aceto G, Botta A, Pescapé A, Awan MF, Ahmad T, Qaisar S. Analyzinginternet censorship in Pakistan. RTSI 2016.https://dx.doi.org/10.1109/RTSI.2016.7740626

HTTPS is not a complete solution here, but it can be a significant help.The GNU project regularly serves up code to users, so we should takesome care here.

[Prev in Thread]

Current Thread

[Next in Thread]

FTP,HTTP → HTTPS in Emacs doc and code, Paul Eggert <=
- Re: FTP,HTTP → HTTPS in Emacs doc and code, Philippe Vaucher, 2017/09/14
  - Re: FTP,HTTP → HTTPS in Emacs doc and code, Paul Eggert, 2017/09/14
- Re: FTP,HTTP → HTTPS in Emacs doc and code, Richard Stallman, 2017/09/14
  - Re: FTP,HTTP → HTTPS in Emacs doc and code, Paul Eggert, 2017/09/16

Prev by Date: Re: line-pixel-height beyond eol
Next by Date: Re: Emacs master broken
Previous by thread: Emacs master broken
Next by thread: Re: FTP,HTTP → HTTPS in Emacs doc and code
Index(es):
- Date
- Thread