On Fri, May 29, 2015 at 7:40 AM, Russ Allbery wrote:
> I'm fine with locking the doors. I'm not fine with paying protection
> money to a Mafia goon who claims they'll lock your windows, and sort of
> sometimes does. It's the extortion component that pisses me off about
> HTTPS.
LetsEncrypt will
On 5/28/15, 10:05 PM, Paul Wise wrote:
On Thu, 2015-05-28 at 21:59 -0700, roopa wrote:
We plan to post it for inclusion as an alternative to ifupdown (using
the debian alternatives infrastructure), hoping to make it easier
for people who may be interested in trying it out.
Please see this page
X-Debbugs-CC: debian-devel@lists.debian.org
Package: wnpp
Severity: wishlist
* Package name : gambatte
Version: 0.5.0 (r577)
* URL : https://sourceforge.net/projects/gambatte/
https://github.com/sinamas/gambatte
* License : GPL-2
Programming Lang: C++
Description: Game Boy and Game Boy Col
On Thu, 2015-05-28 at 21:59 -0700, roopa wrote:
> We plan to post it for inclusion as an alternative to ifupdown (using
> the debian alternatives infrastructure), hoping to make it easier
> for people who may be interested in trying it out.
Please see this page for how to get ifupdown2 into Debi
On 5/27/15, 8:18 PM, Paul Wise wrote:
On Thu, May 28, 2015 at 1:41 AM, Christoph Anton Mitterer wrote:
Haven't tried systemd-networkd yet, but at least NM fails in even very
simple cases (like resolving is broken, when I disconnect the wire and
go back to wifi, etc. pp.) ... plus the whole desi
Package: wnpp
Severity: wishlist
Owner: Miguel Landaeta
* Package name: ruby-minitest-excludes
Version : 2.0.0
Upstream Author : Ryan Davis
* URL : https://github.com/seattlerb/minitest-excludes
* License : MIT
Programming Lang: Ruby
Description : Ruby
Clint Byrum writes:
> Excerpts from Russ Allbery's message of 2015-05-27 22:23:02 -0700:
>> If you aren't doing certificate pinning, I don't think you can really say
>> this with a straight face.
> The word is "avoids", it is not "eliminates". What ever happened to
> defense in depth? There's no
Excerpts from Russ Allbery's message of 2015-05-27 22:23:02 -0700:
> Josh Triplett writes:
>
> > https:// avoids MITM;
>
> If you aren't doing certificate pinning, I don't think you can really say
> this with a straight face.
>
The word is "avoids", it is not "eliminates". What ever happened t
x-post
Hi everybody,
I was part of the Debian XML/SGML team [1] for quite some time and it
was fun maintaining the whole DocBook toolchain. Unfortunately I'm not
using it anymore and thus have lost interest in these packages. Now
after Jessie has been released, I'm finally stepping back as mainta
]] Russ Allbery
> Also, for people coming from Debian hosts talking to the Debian
> infrastructure, at least in theory we *could* do certificate pinning,
> which transforms HTTPS into a worthwhile security protocol. It's not
> exactly trivial to work out the UI and integration problems, and it
>
Package: wnpp
Severity: wishlist
Owner: Vincent Bernat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
* Package name: pytest-httpbin
Version : 0.0.6
Upstream Author : Kevin McCarthy
* URL : https://github.com/kevin1024/pytest-httpbin
* License : Expat
Progr
Package: wnpp
Severity: wishlist
Owner: Vincent Bernat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
* Package name: httpbin
Version : 0.2.1
Upstream Author : Runscope Community
* URL : https://github.com/Runscope/httpbin
* License : ISC
Programming Lang:
Package: wnpp
Severity: wishlist
Owner: Michael Fladischer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: python-cmislib
Version : 0.5.1
Upstream Author : Apache Chemistry Project
* URL : https://chemistry.apache.org/python/cmislib.html
* License
Package: wnpp
Severity: wishlist
Owner: Michael Fladischer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: purl
Version : 1.0.3
Upstream Author : David Winterbottom
* URL : https://pypi.python.org/pypi/purl
* License : Expat
Programming Lang
On 2015-05-28 09:33:35 +0200 (+0200), Roland Mas wrote:
> I understand that behemoths such as Iceweasel may take some time
> to move, but maybe Git could be made to use the TLSA records in
> DNSSEC? Postfix does make use of them, and SSH uses their SSHFP
> cousins, so it's not completely an abstrac
Roland Mas writes:
> I understand that behemoths such as Iceweasel may take some time to
> move, but maybe Git could be made to use the TLSA records in DNSSEC?
> Postfix does make use of them, and SSH uses their SSHFP cousins, so it's
> not completely an abstract idea.
> Roland,
> who spent so
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: r-cran-futile.logger
Version : 1.4.1
Upstream Author : Brian Lee Yung Rowe
* URL : http://cran.r-project.org/web/packages/futile.logger/
* License : LGPL
Programming Lang: R
Description
Hi,
Quoting Helmut Grohne (2015-05-28 12:55:03)
> On Thu, May 28, 2015 at 08:43:12AM +0200, Lucas Nussbaum wrote:
> > This worked fine when I tested it locally because I use sbuild, but now
> > that it is uploaded, I realize that: - pbuilder doesn't support it (which
> > breaks the package on repr
On Thu, 2015-05-28 at 11:18 +0800, Paul Wise wrote:
> > Haven't tried systemd-networkd yet, but at least NM fails in even very
> > simple cases (like resolving is broken, when I disconnect the wire and
> > go back to wifi, etc. pp.) ... plus the whole design, that it tries to
> > be the canonical
On Thu, May 28, 2015 at 08:43:12AM +0200, Lucas Nussbaum wrote:
> It seems the early support in dpkg confused me into thinking that it was fully
> supported in stretch.
>
> So, the question is: should we wait until stretch is released to use build
> profiles, to give time to all infrastructure too
On Thu, May 28, 2015 at 08:43:12AM +0200, Lucas Nussbaum wrote:
> To fix #632776 (ruby-shoulda-context,gem2deb: Circular build-dependency),
That's great. Please keep that.
> This worked fine when I tested it locally because I use sbuild, but now that
> it
> is uploaded, I realize that:
> - pbu
Package: wnpp
Severity: wishlist
Owner: Rene Engelhard
Filing this ITP because I am sure people will ask about this when it
becomes official. It already appeared in a PM:
http://blog.documentfoundation.org/2015/03/25/libreoffice-to-become-the-cornerstone-of-the-worlds-first-universal-productivity
On Thu, May 28, 2015 at 10:30:58AM +0200, Tollef Fog Heen wrote:
> ]] Wouter Verhelst
>
> > - Most importantly, you need to configure your webserver and SSL library
> > so it disables outdated protocol versions, enables newer secure
> > protocol versions (doing so in a way that older propriet
Control: retitle -1 "ITP: eso-pipelines -- ESO VLT Instrument pipeline
collection"
Oops, forgot to change the title...
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.o
]] Wouter Verhelst
> - Most importantly, you need to configure your webserver and SSL library
> so it disables outdated protocol versions, enables newer secure
> protocol versions (doing so in a way that older proprietary clients
> who don't speak those newer versions yet and make up the ma
Package: wnpp
Severity: wishlist
Owner: Ole Streicher
X-Debbugs-Cc: debian-devel@lists.debian.org,debian-as...@lists.debian.org
* Package name : eso-pipelines
* URL : http://www.eso.org/sci/software/pipelines/
* License : public-domain
Description : ESO VLT In
Russ Allbery, 2015-05-27 22:23:02 -0700 :
> Josh Triplett writes:
>
>> https:// avoids MITM;
>
> If you aren't doing certificate pinning, I don't think you can really say
> this with a straight face.
>
> It makes MITM moderately harder, at the cost of giving money to a bunch of
> exploitative clo
On Wed, May 27, 2015 at 12:20:03PM +0100, Rebecca N. Palmer wrote:
> >Why? Which attack do you envision[...]that would
> >be thwarted by https but not by signed commits?
> I don't; I see https as easier and hence more likely to actually get used in
> practice.
Well, on that we disagree then, I sup
Package: wnpp
Severity: wishlist
Owner: Senthil Kumaran S
* Package name: python-django-hijack
Version : 1.0.7
Upstream Author : Philippe O. Wagner
Yannik Ammann
* URL : https://github.com/arteria/django-hijack
* License : MIT
Programmin
29 matches
Mail list logo
