[systemd-devel] Antw: Antw: [EXT] Re: Adding USB ID to hwdb/usb.ids

Ulrich Windl Ulrich.Windl at rz.uni-regensburg.de
Fri Jun 4 06:06:31 UTC 2021 

>>> "Ulrich Windl" <Ulrich.Windl at rz.uni-regensburg.de> schrieb am 04.06.2021
um
07:48 in Nachricht <60B9BEBF020000A100041831 at gwsmtp.uni-regensburg.de>:
>>>> Greg KH <gregkh at linuxfoundation.org> schrieb am 02.06.2021 um 16:39 in
> Nachricht <YLeYEY1Em19/d+xQ at kroah.com>:
>> On Wed, Jun 02, 2021 at 03:48:41PM +0200, Reindl Harald wrote:
>>> 
>>> 
>>> Am 02.06.21 um 07:04 schrieb Greg KH:
>>> > On Tue, Jun 01, 2021 at 09:38:37PM +0200, Michael Biebl wrote:
>>> > > Am Di., 1. Juni 2021 um 20:44 Uhr schrieb Greg KH 
>><gregkh at linuxfoundation.org>:
>>> > > > Works for me!  Make sure you are not trying to connect to 'https'.
>>> > > 
>>> > > No https? Why?
>>> > 
>>> > Because why would serving up text files about this topic requires
https?
>>> 
>>> sorry, but we have 2021
>>> 
>>> * non‑https is a warning in most browsers
>>> * certifictes are free and automated these days
>>> * https is not only about encryption
>>> 
>>> the point of https is
>>> 
>>> a) you are connected to the host you think
>>> b) no manipulation on the wire
>>> 
>>> the encryption is not really the point
>> 
>> Then don't connect to the site if you don't want the data there.  Trying
>> to tell others what to do with their spare time in maintaining a
>> resource for all operating systems to use is a bit, well, you know...
> 
> I think any website that has a form to fill in should offer https.
> In the past there were websites asking for user and password without 
> offering
> https.
> I also think even a self-signed certificate is better tan no certificate at
> all, but in the times of let'S encrypt setting up https shouldn't be a big
> issue.
> 
> All my opinion...

Sorry to respond to my own post, but accidentially I read this comment on some
RFC discussion:

"I think it is common understanding that communication across the 
internet should be protect by security means. It also is common practice 
to protect LAN based communication since experience taught that it is a 
false sense of security to rely only on security gateways to  protect 
against adversaries."


> 
> Regards,
> Ulrich
> 
>> 
>> greg "i am a horrible sysadmin" k‑h
>> _______________________________________________
>> systemd‑devel mailing list
>> systemd‑devel at lists.freedesktop.org 
>> https://lists.freedesktop.org/mailman/listinfo/systemd‑devel 
> 
> 
> 
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org 
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel

More information about the systemd-devel mailing list