Proposed patch for web site: update most links to HTTPS

Andrey Repin
Mon Apr 25 17:41:00 GMT 2016

Greetings, Adam Dinwoodie!

> Secure connections historically had a high overhead, sure, but that's
> very rarely the case nowadays.  Certainly my experince of loading the
> Cygwin web page is that there's no perceptible difference between the
> http and https versions.  Adam Langley (a senior engineer at Google)
> wrote an article back in 2010 about how TLS is now computationally
> cheap[0]; it's only gotten cheaper since.

Typical marketing bullshit.

> [0]:

> See also, which has a lot of discussion about
> the impacts of TLS, but the short answer is "yes".

If YOUR experience was positive, mine was always negative, especially with, down to being forced to switch to plain HTTP to even load any

> At the very least, the Cygwin website should be using protocol-
> independent links, meaning users accessing the website using https
> aren't switched to http when they click on a link

That was my point, exactly.

>  (i.e. link to
> "//" rather than "" or
> "").

Just /path/to/page is enough. Even necessary considering is
multi-domain site.

> But I agree with Brian: the Cygwin website should use https everywhere
> unless there's some good, specific reason why it's a bad idea.  And "TLS is
> slow" hasn't been a good reason for years.

See above.

With best regards,
Andrey Repin
Monday, April 25, 2016 16:01:59

Sorry for my terrible english...

Problem reports:
Unsubscribe info:

More information about the Cygwin mailing list