Subject: Re: Download libssh2 source via HTTPS?

Re: Download libssh2 source via HTTPS?

From: Peter Stuge <>
Date: Wed, 4 Mar 2015 15:27:15 +0100

Daniel Stenberg wrote:
>>> All in the name of going where there's already a large amount of users,
>>> it brings features and it encourages and simplifies collaboration even
>>> further. Do it "like the kids do".
>> Since when was being mainstream ever a good thing?
> Lowering barriers and reducing friction for newcomers are good things
> in my mind.

I don't believe that "outsourcing" reduces friction. Quite the contrary.

As long as what one wants is *exactly* what is intended for one to want
then everything is fine. If one wants to do anything else, then one is
out of luck - because that is not supported. Infinite friction.

As for barriers - have you read the ToS recently?

The very first point is:

A. Account Terms
1. You must be 13 years or older to use this Service.

How about that for a barrier? If I was growing up on the internet
today, I might want to contribute to libssh2 also before I'm 13.

It is not common - but I think lowering the barrier is really important.

3. You must provide your name, a valid email address, and any other
information requested in order to complete the signup process.

That sounds like a significant barrier to me.
"any other information requested" - and a completely arbitrary
barrier at that.

7. One person or legal entity may not maintain more than one free

That too sounds like a barrier to me.

> Apparently I'm not the only one thinking so.

Please read those terms again. I think they are absurd.

(But I know that they are absolutely required, because the service is
operated by a US company.)

School teaches us that it is most convenient to be exactly like
everybody else, at least in Sweden. I think it's much more important
to look at things more critically than that, on a case-by-case basis.

If GitHub Inc. or SourceForge Inc. provide e.g. mailing lists with
spam filters, and nobody cares that the project becomes dependent on
an unrelated third party to determine what is unwanted communication
and what is not, then by all means, use the service.

For me that threshold is very different for a mailing list than for a
bug tracker or a source code repository.

>> GitHub Inc. is a privately held company in the USA. I don't see how it
>> could be beneficial in any way for the project to give up its
>> independence.
> It would not give up independence. It would use one or more services
> provided by that company.

If the project uses those services then the project loses
independence of those services.

>>> It is related to cost, but not strictly the price for the certificate but
>>> even more so the effort and maintenence cost in time and energy.
>> Please speak for yourself.
> Did I *ever* speak for anyone else here?

Never before! :) It did sound like you were speaking for the services
I host.

> Of course I speak for myself and as the person admining

That's of course all right!


Received on 2015-03-04