bug#47660: Add link to the ticket when someone reply

[bo0od]

Not gonna go with details about email thing (not what the ticket is 
about), But just clarify what you asked:

> I couldn't parse this.  What does ‘they are exist by names but does 
nothing’
> mean?

having TLS connection is not oh wow im secured now. TLS has versions and 
many other stuff like ciphers , HSTS ...etc if not all of them lined 
securely mean secure TLS version, secure ciphers,...etc you gonna have 
TLS/https just by name, but it makes no different from having it or not.

Check for e.g: DEF CON 17 - Moxie Marlinspike - More Tricks for 
Defeating SSL

https://yewtu.be/watch?v=5dhSN9aEljg

So as for DNS (DNSSEC..etc).

Hope this clarify the sentence.

> Guix' bug tracking software is ‘GNU Bug Tracker’.  You could ask it on

yeah sadly just no respond (wasn't surprised)

Maxime Devos:
> On Thu, 2021-04-15 at 17:00 +0000, bo0od wrote:
> > To be honest i find this bad thing to use emails to do anything rather
> > than online registration and not necessary stuff (means being
> > encrypted,manipulated.. just not something important)
>
> To be honest, I find it a bad thing that many projects (I'm looking at
> GitHub here (*)) only have a web interface, that require registration
> (and often have terms of service I would consider criminal).  Then there
> are multiple web sites requiring registration that I need to keep track
> of.
>
> (*) Ok, GitHub has e-mail notifications.  But I can't directly reply to them,
>      I need to go to the web interface.  At least, that was the case N years 
> ago.
>
> I like being able to perform all asynchronuous communication via e-mail,
> instead of via a dozen platforms.  With e-mail, you get signing ‘for free’,
> while with $PLATFORMS, you need to rely on each $PLATFORM infrastructure
> or resort to ...
>
> (my intepretation of your words, out of context, with encryption replaced with
>   signing)
> > extra tools, where you have to copy the message into the tool, let the
> > tool verify the signature.  Or write a message into the tool, let the
> > tool create the signature, and copy the message+signature into the web
> > interface.
>
> > Email sucks due to:
> > * Messages are not encrypted by default which mean it need an extra tool
> > to do it and commonly used is GPG/PGP + it needs tool to implement this
> > encryption on the messages which mean mail reader/client most commonly
> > one used is thunderbird/icedove <- This method having tremendous
> > security issues check for example: [...]
>
> Not relevant for our purposes.  Issues are public.  Only PGP for signing is
> relevant here.  Also, PGP + Evolution works just fine for me, and evolution
> doesn't download external attachements by default.
>
> > * Most of the time (not always) heavily rely on clearnet which mean
> > issues of TLS/DNS which needs to be hardened otherwise they are exist by
> > names but does nothing.
>
> I couldn't parse this.  What does ‘they are exist by names but does nothing’
> mean?
>
> > ..This is out of scope to discuss this in details, I just want to see
> > the bug URL linked to the bottom of the email i receive thats it.
>
> Guix' bug tracking software is ‘GNU Bug Tracker’.  You could ask it on
> that project's mailing lists.  Now I see you did that already:
> <https://lists.gnu.org/archive/html/help-debbugs/2021-04/msg00000.html>.
>
> I don't have anything else to say on this topic; I'm not sending further 
> replies.
>
> Greetings,
> Maxime.