lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Jun 2020 15:01:31 -0700 From: Joe Perches <joe@...ches.com> To: Jonathan Corbet <corbet@....net>, "Alexander A. Klimov" <grandmaster@...klimov.de> Cc: mchehab+samsung@...nel.org, alexandre.belloni@...tlin.com, nicolas.ferre@...rochip.com, robh@...nel.org, j.neuschaefer@....net, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] Replace HTTP links with HTTPS ones: Documentation/arm On Fri, 2020-06-26 at 15:09 -0600, Jonathan Corbet wrote: > On Fri, 26 Jun 2020 21:44:08 +0200 > "Alexander A. Klimov" <grandmaster@...klimov.de> wrote: > > > Rationale: > > Reduces attack surface on kernel devs opening the links for MITM > > as HTTPS traffic is much harder to manipulate. [] > > Changes in v2: > > Undone all handhelds.org changes and 0 of 0 wearablegroup.org changes. > > I wasn't asking that the changes be undone, I was asking that those links > simply be removed. They are actively harmful - much more so than any http: > links - and shouldn't be there. *Sigh*. I guess I'll just do that. One argument to mark old/invalid links differently somehow is that the wayback machine at archive.org may still have them. But when the domain has been transferred to a 3rd party, it is possibly harmful. Another option might be to grab any archive.org content and put it into a Documentation/archived/outdated directory or the like. For instance: https://web.archive.org/web/20090423133742/http://www.handhelds.org/projects/h1940.html Then gain, this might as well be prehistoric content.
Powered by blists - more mailing lists