On 12/18/2016 04:20 PM, L.A. Walsh wrote:
Other than obedience to google, what purpose does encrypting open source linux distro binaries & source serve?
https makes most content uncacheable, and I know I've saved 700MB in Suse disc images in my cache that wouldn't have been saved with https for most people. On top of that, https slows down transfer and raises latencies. Please reconsider whether https is really needed for "download" or "software". It's not like either is serving sensitive information and I really hate to see another sheep march to google's tune (when they want it to prevent you from selective ad filtering.
How about this one: I've been unable to update flash-player on several Leap 42.2 boxes for more than a week. Zypper/Yast2 trys to download flash-player-24.0.0.186-2.2.x86_64.rpm from pacman.inode.at, they get to 99%, then the connection is closed by the peer. I've resorted to locking the existing flash-player rpm so that I can complete the other updates. Since no one else is reporting similar issues, my latest hypothesis is that a deep-packet-inspection intrusion prevention device somewhere on my connection path is finding a false-positive hit in the binary and force-closing the connection. I've checked on our local IPS (Tippingpoint) and don't see any hits, but there might be others farther upstream. This is a very large organization. So if my hypothesis is correct, a TLS connection to pacman would allow the updates to complete. Regards, Lew -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org