On Mon, May 18, 2015 at 09:43:24AM +0200, pat...@patpro.net wrote: > On 18 mai 2015, at 09:05, Ian Smith <smi...@nimnet.asn.au> wrote: > > >> > >> Actually, that might be the reason -- Google search results. Perhaps > >> Google is also logging what protocols/ciphers your HTTPS has and is > >> using that in search rankings. > > > > You're seriously suggesting that the FreeBSD project should set security > > policies to favour higher rankings from an advertising company? > > > There's a bigger picture. Google is promoting strong security. Using web > sites HTTPS details (proto, ciphers, certificate trustworthiness...) as > ranking parameter is an incentive for admin to switch to better protocol and > stronger cipher suits (& more expensive certificates). > Their next step, currently ongoing in fact, is to limit or even remove > browser confidence in older protocol/ciphers, so that users would be deterred > from visiting those web sites. Domain Validated certificates are probably a > target to be shot dead in few years too. > > As an admin I find it to be a pain in the *** to constantly have to deal with > latest Google "vision", but as a user I think they are right because that's > the way to go for promoting strong crypto.
As user I am don't need crypto, strong or weak. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
