Proposed patch for web site: update most links to HTTPS
Mon Apr 25 17:41:00 GMT 2016
Greetings, Adam Dinwoodie!
> Secure connections historically had a high overhead, sure, but that's
> very rarely the case nowadays. Certainly my experince of loading the
> Cygwin web page is that there's no perceptible difference between the
> http and https versions. Adam Langley (a senior engineer at Google)
> wrote an article back in 2010 about how TLS is now computationally
> cheap; it's only gotten cheaper since.
Typical marketing bullshit.
> : https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
> See also https://istlsfastyet.com/, which has a lot of discussion about
> the impacts of TLS, but the short answer is "yes".
If YOUR experience was positive, mine was always negative, especially with
cygwin.com, down to being forced to switch to plain HTTP to even load any
> At the very least, the Cygwin website should be using protocol-
> independent links, meaning users accessing the website using https
> aren't switched to http when they click on a link
That was my point, exactly.
> (i.e. link to
> "//cygwin.com/path/to/page" rather than "https://cygwin.com/..." or
Just /path/to/page is enough. Even necessary considering cygwin.com is
> But I agree with Brian: the Cygwin website should use https everywhere
> unless there's some good, specific reason why it's a bad idea. And "TLS is
> slow" hasn't been a good reason for years.
With best regards,
Monday, April 25, 2016 16:01:59
Sorry for my terrible english...
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin