It is true that it would be nice if the footer on the mailing list could be updated to show an HTTPS URI instead of an HTTP one. Then users would get a little bit of protection if they follow the links while using a public hotspot. Is that possible?

On 2025-05-02 14:51, Greg Hellings wrote:
There is nothing insecure about it. We allow both HTTP and HTTPS connections.

If you use the incorrect hostname over HTTPS you get an invalid cert, because the hostname you told the browser to use does not match the cert. The solution is to use the correct hostname.

If you use HTTP some browsers give a warning that they don't like HTTP. The solution is to either ignore it because that's silly, or use HTTPS (correctly).

The server and browser both respond appropriately to what is, at the base case, a user error.

--Greg

On Fri, May 2, 2025, 1:44 PM David Haslam <dfh...@protonmail.com> wrote:

    It remains the case that the list archive / server
    <http://crosswire.org/mailman/listinfo/sword-devel> has an
    insecure connection that uses only HTTP.

    We should upgrade it ASAP to use HTTPS to avoid all the Browser
    Warnings!

    It's 2025 now. Nobody nowadays should still be using HTTP.

    With all the kerfuffle/hilarity about my use of *Leo*, we seem to
    have lost sight of the main point!

    Best regards,

    David

    Sent with Proton Mail <https://pr.tn/ref/SWXT9A5YZ67G> secure email.

    On Friday, May 2nd, 2025 at 6:27 PM, DM Smith
    <dmsm...@crosswire.org> wrote:
    Fair enough of a disclaimer.

    On May 2, 2025, at 10:39 AM, Nathan Phillip Brink
    <ohnobi...@ohnopublishing.net> wrote:

    I think Leo clearly enough said that he doesn't know the actual
    URI but that if this organization followed a common pattern,
    they might have chosen that URI. I don't think that's a
    hallucination, but I don't know the jargon.

    On 2025-05-02 9:18:05 GMT-05:00, DM Smith <dmsm...@crosswire.org>:
    Leo is hallucinating. This is a well known problem of GPT agents.

    On May 2, 2025, at 8:13 AM, David Haslam
    <dfh...@protonmail.com> wrote:

    Hi Troy,

    That's a curious question!

    Me: What is pipermail?

    Leo: Based on the search results, **pipermail** appears to be
    a term related to electronic mailing lists, specifically the
    archives of mailing lists managed by the GNU Mailman software.

    According to Wikipedia, GNU Mailman is a computer software
    application for managing electronic mailing lists, and
    pipermail is likely a part of this system. It seems that
    pipermail is used to access and browse the archives of mailing
    lists.

    If you're looking for more information on pipermail, I can try
    to help you further.

    Me: What is the URL for the archive of the CrossWire Bible
    Society's mailing list called sword-devel ?

    Leo: The URL for the archive of the CrossWire Bible Society's
    mailing list called sword-devel is not explicitly mentioned in
    the search results you provided. However, based on the
    context, it appears to be related to email list archives or
    mailing list management systems.

    From the search results, it seems that the `pipermail` term is
    related to email list archives, specifically the archives of
    mailing lists managed by the GNU Mailman software.

    Given this information, it is possible that the URL for the
    archive of the CrossWire Bible Society's mailing list called
    sword-devel is in the format of
    `https://lists.crosswire.org/pipermail/sword-devel/`
    <https://lists.crosswire.org/pipermail/sword-devel/> or
    something similar.

    Aside: Leo is the AI agent in the Brave browser.

    So, now you know how I found it, is there something amiss with
    the aforementioned hostname?
    I don't recall seeing it before, but, hey!

    Best regards,

    David

    Sent with Proton Mail <https://pr.tn/ref/SWXT9A5YZ67G> secure
    email.

    On Friday, May 2nd, 2025 at 1:03 PM, Troy A. Griffitts
    <scr...@crosswire.org> wrote:
    Don't use 'lists' dotcrosswire.org <http://crosswire.org/>.
    Where did you find that hostname? We have a catchall, so you
    can
    sayhttps://bettyboop.crosswire.org<https://bettyboop.crosswire.org/>
    if you want, but the certificate won't be value for that domain.

    On 5/2/25 6:46 AM, David Haslam wrote:
    If you visit
    (eg)https://lists.crosswire.org/pipermail/sword-devel/

    The first thing you notice is a Browser Warning that the URL
    is insecure.
    The https connection falls back to insecure http

    Please would someone with access to our server make the
    necessary changes for our list archives.


    Best regards,

    David

    Sent with Proton Mail <https://pr.tn/ref/SWXT9A5YZ67G>
    secure email.


    _______________________________________________
    sword-devel mailing
    list:sword-devel@crosswire.org<mailto:sword-devel@crosswire.org
    <mailto:sword-devel@crosswire.org>>
    http://crosswire.org/mailman/listinfo/sword-devel
    Instructions to unsubscribe/change your settings at above page

    _______________________________________________
    sword-devel mailing list: sword-devel@crosswire.org
    http://crosswire.org/mailman/listinfo/sword-devel
    Instructions to unsubscribe/change your settings at above page

    _______________________________________________
    sword-devel mailing list: sword-devel@crosswire.org
    http://crosswire.org/mailman/listinfo/sword-devel
    Instructions to unsubscribe/change your settings at above page


    _______________________________________________
    sword-devel mailing list: sword-devel@crosswire.org
    http://crosswire.org/mailman/listinfo/sword-devel
    Instructions to unsubscribe/change your settings at above page


_______________________________________________
sword-devel mailing list:sword-devel@crosswire.org
http://crosswire.org/mailman/listinfo/sword-devel
Instructions to unsubscribe/change your settings at above page
_______________________________________________
sword-devel mailing list: sword-devel@crosswire.org
http://crosswire.org/mailman/listinfo/sword-devel
Instructions to unsubscribe/change your settings at above page

Reply via email to