<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_1_1444945406727_5322">Oh, those are both absolutely insecure by default.  You (and Sourceforge) <br></div><div id="yui_3_16_0_1_1444945406727_5321" dir="ltr">default to insecure connections.  Sourceforge only forces the encryption when <br></div><div id="yui_3_16_0_1_1444945406727_5293" dir="ltr">the user needs to write something.  <br> </div><div id="yui_3_16_0_1_1444945406727_5105"><br><span></span></div><div id="yui_3_16_0_1_1444945406727_7429" dir="ltr"><span id="yui_3_16_0_1_1444945406727_5730">Nevertheless, I think </span><span id="yui_3_16_0_1_1444945406727_5730">it's </span><span id="yui_3_16_0_1_1444945406727_5730">cases like this one which "Let's Encrypt" is designed to solve.  I'm happy </span><span id="yui_3_16_0_1_1444945406727_5730">to </span><span id="yui_3_16_0_1_1444945406727_5730">leave it to them to eventually lift </span><span id="yui_3_16_0_1_1444945406727_5730">the work you've done <br></span></div><div id="yui_3_16_0_1_1444945406727_7603" dir="ltr"><span id="yui_3_16_0_1_1444945406727_5730">up into the 21st century.<br></span></div><div id="yui_3_16_0_1_1444945406727_6925" dir="ltr"><br><span id="yui_3_16_0_1_1444945406727_5730"></span></div><div id="yui_3_16_0_1_1444945406727_7039" dir="ltr"><span id="yui_3_16_0_1_1444945406727_5730">-Jonathan<br></span></div><div id="yui_3_16_0_1_1444945406727_7646" dir="ltr"><span id="yui_3_16_0_1_1444945406727_5730"><br></span></div><br><div class="qtdSeparateBR"><br><br></div><div style="display: block;" class="yahoo_quoted"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div dir="ltr"> <font face="Arial" size="2"> On Thursday, October 15, 2015 3:30 AM, IOhannes m zmoelnig <zmoelnig@iem.at> wrote:<br> </font> </div>  <br><br> <div class="y_msg_container">On 2015-10-14 22:30, Jonathan Wilkes via Pd-dev wrote:<br clear="none">> Oh wow, I guess it's been awhile since I've used Sourceforge.  It looks like they just offer svn (which isn't secure) and http by default.  Yikes.<br clear="none"><br clear="none">it seems indeed a while since you've used sourceforge.<br clear="none">you might start by reading [1].<br clear="none">you might as well not, in which case i would like to ask you to not<br clear="none">spread fud.<br clear="none"><br clear="none">that's not to say that i don't agree about using https anywhere (and<br clear="none">that sf should use it by default).<br clear="none"><br clear="none"><br clear="none">fgmasdr<div class="yqt4343855519" id="yqtfd42092"><br clear="none">IOhannes<br clear="none"><br clear="none"><br clear="none">[1] </div><a shape="rect" href="http://sourceforge.net/p/forge/documentation/Docs%20Home/" target="_blank">http://sourceforge.net/p/forge/documentation/Docs%20Home/</a><div class="yqt4343855519" id="yqtfd21710"><br clear="none"></div><br><div class="yqt4343855519" id="yqtfd23040">_______________________________________________<br clear="none">Pd-dev mailing list<br clear="none"><a shape="rect" ymailto="mailto:Pd-dev@lists.iem.at" href="mailto:Pd-dev@lists.iem.at">Pd-dev@lists.iem.at</a><br clear="none"><a shape="rect" href="http://lists.puredata.info/listinfo/pd-dev" target="_blank">http://lists.puredata.info/listinfo/pd-dev</a><br clear="none"></div><br><br></div>  </div> </div>  </div></div></body></html>