Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAPS+U99Yzw5DSOvEkOfZvin+pdEN=ghvFd3hZYLow3p+=Wjqxg@mail.gmail.com>
Date: Tue, 12 Mar 2013 13:16:51 +1300
From: Pedro Worcel <pedro@...cel.com>
To: john-users@...ts.openwall.com
Subject: Re: OT: HTTPS for openwall.info?

Yeah I don't think it will help much, it'll just be a bit annoying. E.g. no
mitm, etc.

It would be great to see HTTPs everywhere =)


2013/3/12 Rich Rumble <richrumble@...il.com>

> On Mon, Mar 11, 2013 at 6:37 PM, Solar Designer <solar@...nwall.com>
> wrote:
>
> > On Tue, Mar 12, 2013 at 11:15:48AM +1300, Pedro Worcel wrote:
> > > The main reason I like it is because I am behind a restrictive firewall
> > (at
> > > work), so while I don't understand how bad it is for a person in a
> > country
> > > with a great firewall, I know it is a major pain in the ass for censors
> > if
> > > websites use https only. (e.g. with github/china ordeal)
> >
> I use several proxies and filtering products, a lot of filtering done at
> the domain level, not the protocol. The greatfirewall of china uses this
> method and many others, most filters I've encountered can use DNS and or
> protocols. Port 443 hardly get's a pass just because it's 443 in my
> experience with repressive regimes.
>
> > Well, that sort of reasoning applies to all websites, not just the wiki.
> > We'd need HTTPS for the main Openwall website as well, then.  Yes, this
> > makes sense.
> >
> It doesn't from a censorship perspective, if you ask me. None of this is to
> say I don't support the use of HTTPS for any website, esp openwall, I'd
> love to see HTTPS.
> -rich
>



-- 
GPG: http://is.gd/droope <http://is.gd/signature_>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.