useNoSSLForPackages and other badly-conceived options (notice non-hijacked thread!)
Barry K. Nathan
barryn at pobox.com
Sat Sep 27 13:20:32 UTC 2003
On Sat, Sep 27, 2003 at 04:39:52PM +1000, Paul Gear wrote:
> As the subject says, i think 'useNoSSLForPackages' is rather badly
> conceived. Whenever i see an option that has the word "No" or "Don't"
> in it, alarm bells ring in my head.
>
> This is a recipe for confusion. Can we get future versions of the
> option renamed to "useSSLForPackages"?
Is this really enough of a reason to break compatibility with old
config files?
> (I would make it off by default,
> too, since many packages are rather large and some of us still pay a lot
> for bandwidth.)
I would expect the effect of SSL on bandwidth use to be minimal. If you
really want to reduce bandwidth, I think there would be more gains if
some RPM packages were compressed using bzip2 rather than gzip.
Besides, SSL provides real security. For instance, the fact that SSL is
enabled by default was a good defense against this hole:
https://rhn.redhat.com/errata/RHSA-2003-255.html
-Barry K. Nathan <barryn at pobox.com>
More information about the users
mailing list