[CentOS-devel] False statement about insecurity made on Wiki

Tue Feb 9 20:51:38 UTC 2021
Scott Dowdle <dowdle at montanalinux.org>


----- Original Message -----
> Your Wkii page here:
> https://wiki.centos.org/FAQ/CentOSStream#Where_is_the_source_code.3F
> After discussion in which it was confirmed that TLS *could* be
> implemented "but traditionally we have not done so", was just
> updated by Manuel Wolfshant with the following lie:-
> Note: downloads are hosted on a mirror network, where we cannot
> mandate that every mirror node runs SSL/TLS, hence using regular
> http and not enforcing https
> False statements are disgusting to begin with, but ones that attempt
> to excuse the lazy decision to put all CentOS customers at risk are
> totally unacceptable. LE is free and easy to use and setup - it's a
> no-brainer to fix this problem, assuming someone isn't getting a
> kickback from some 3-letter-agency to leave this exploitable
> security hole open ?
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> https://lists.centos.org/mailman/listinfo/centos-devel

I was saddened to see your email to the mailing list contained a lie.. in that you spelled wiki incorrectly.  Such mistakes are disgusting and lazy.

Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]