Clemens Lang wrote:
> I hope you’re not suggesting we keep the defaults insecure because there
> are some institutions out there that don’t support modern standards.
Sorry, but I am. The defaults need to work out there in the real world. If
legacy standards are still widespread, they need to be supported out of the
box, without having to jump through hoops. Users want to be able to connect
to their WPA* WiFi networks, view their HTTPS websites, etc. They do not
care whether those use the latest, most secure versions of the standard or
not. (In fact, most users do not even care that encryption is used at all,
they only use encryption at all because the other end forces them to, i.e.,
because the WiFi network requires it, or the website uses HTTP to HTTPS
redirection and/or HSTS, etc.)
Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
