[PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex

bug-texinfo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex

From:	Paul Eggert
Subject:	[PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex
Date:	Sat, 16 Sep 2017 10:34:46 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

In Gnulib, Emacs, etc. we are changing ftp: and http: URLs to use https:, todiscourage man-in-the-middle attacks when downloading software. The attachedpatch propagates these changes upstream to texinfo.tex. This patch doesn'taffect the the other files in the texinfo source, though they should be updatedtoo at some point.

Although texinfo.tex is not secret, plain HTTP is vulnerable to maliciousrouters that tamper with responses from GNU servers, and this sort of thing isall too common when people in some other countries browse US-based websites.See, for example:

Aceto G, Botta A, Pescapé A, Awan MF, Ahmad T, Qaisar S. Analyzing internetcensorship in Pakistan. RTSI 2016. https://dx.doi.org/10.1109/RTSI.2016.7740626

HTTPS is not a complete solution here, but it can be a significant help. The GNUproject regularly serves up code to users, so we should take some care here.

texinfo.tex.diff
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex, Paul Eggert <=
- Re: [PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex, Gavin Smith, 2017/09/16

Prev by Date: Texinfo 6.5 released
Next by Date: Re: [PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex
Previous by thread: Texinfo 6.5 released
Next by thread: Re: [PATCH] Prefer HTTPS to HTTP and FTP in texinfo.tex
Index(es):
- Date
- Thread