Security: Absolute Client vetting or trust a remote root?
Daniel Stone
daniel at fooishbar.org
Sat Jun 9 04:14:10 PDT 2012
Hi,
On 8 June 2012 23:32, Mike Mestnik <cheako+xorg-devel at mikemestnik.net> wrote:
> On 06/07/2012 11:07 PM, Alan Coopersmith wrote:
>> No, it just redirects it into more secure channels, such as tunneling over
>> ssh, instead of having to re-implement the encryption& authentication in
>> the X layer that ssh already provides.
>
> It's not up to you to determine IF TCP, or any other protocol for that
> matter, is insecure!
It's even less up to you to determine if our input layer is insecure.
You're literally violating my freedom.
> It should not be the purpose of software developers ds
> up on theto police there users, that's part of the reason why FOSS is used
> over Microsoft and other proprietary technologies.
>
> For example the Debian Free Software Guidelines bars licenses that restrict
> software use based on endeavour.
I don't even know what you're banging on about here. X still supports
TCP, we just don't recommend its usage. I would've thought that a
security expert like yourself would demand strong authentication and
encryption (as offered by SSH) over none at all.
Even so, the license (the DFSG is all about licenses) does not
restrict anything of the sort, being pretty much the most liberal free
software license possible. It's totally irrelevant anyway, as
'endeavour' here is about, e.g. not banning commercial usage of your
software.
> SSH only supports TCP for client connections, not sure how that ends up
> connecting on the server side.
I've re-read your mail about four times now and it's made less and
less sense every time.
I've enabled your moderation bit, so please try to restrict yourself
to technical (which this mail was not in any way) mails which make any
form of sense in the future. If you want to spout off non-technical
gibberish instead, you're welcome to continue emailing me privately
about how I'm a communist-hunting government agent.
Thanks.
More information about the xorg-devel
mailing list