Subject: Re: Download libssh2 source via HTTPS?

Re: Download libssh2 source via HTTPS?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 4 Mar 2015 11:21:53 +0100 (CET)

On Wed, 4 Mar 2015, Jakob Egger wrote:

> is there currently a secure way to download the libssh2 source?

No, unfortunately not.

But I would agree that it would be desireble for us to move in that direction.

Personally, I wouldn't mind switching over to hosting the source code repo at
github (which then could provide the code over HTTPS "for free") and then on a
longer term switch to that bug tracker and allow pull requests there etc. All
in the name of going where there's already a large amount of users, it brings
features and it encourages and simplifies collaboration even further. Do it
"like the kids do". And it makes the infrastructure less dependent on
individual volunteers.

> If missing HTTPS support is related to cost, I can offer to pay for an SSL
> certificate.

It is related to cost, but not strictly the price for the certificate but even
more so the effort and maintenence cost in time and energy. Hence I would
prefer to use an existing (and proven) infrastructure for it.

My slightly longer term plan is to jump on the letsencrypt.com bandwagon once
that goes live and offer HTTPS for libssh2.org (and all other sites I host)
from then on.

-- 
  / daniel.haxx.se
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2015-03-04