:: Re: [Dng] Speaking of "dangerous te…
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jaromil
Date:  
À: dng
Sujet: Re: [Dng] Speaking of "dangerous technical choice[s]"

hi Joe,

On Mon, 01 Dec 2014, Joe Awni wrote:

>    I think that was a colossal mistake that basically did to the web
>    what systemd does to the OS.  Rather than rely on users or admins
>    to understand their connection and secure their browser, developers
>    mandated that everyone on the web puts 100% trust in a brand new
>    industry the browser devs created basically "over-night" to sell
>    SSL certs.

>
>    Is this an issue that Devuan can make an official stance on?


Devuan has some priorities and a rather straightforward path to reach
release 1.0. this is described on the webpage and will be detailed more
and more as time goes by.

Besides that, we are indeed bootstrapping a new governance and that
could offer the space to re-focus on stances like the one you mention.

I would be in favour of the stance you put forward, is a rather
important aspect of today's Internet architecture.

We experienced it ourselves, somehow: in the first day of launch of
Devuan our donation page was obscured as "scam" for almost 24h on
certain platforms (reported both by Chrome and Firefox users). I have no
idea yes how that is implemented or can be deactivated, yet it is an
impressive control exercised by a centralized cluster of companies and
likely it implies code included inside browsers.

I think we need to have a mandate that relates to 'net neutrality' for
the network tools included in Devuan and, once the first priorities
are set aside, we can invest some efforts in the direction of enforcing
better net neutrality in our tools.

Meanwhile I recommend using Icecat as a browser, which is a fork of
Firefox maintained by the FSF and that is cleaned up in many aspects.

Yet the problem of SSL certificates still stands. But I doubt Devuan can
solve that for desktops (the usage of Debian and derivates on the
desktop is really low) this is something that needs to be acted upon on
other levels. Nevertheless we shall do our bit. I guess OpenCA root
certificates are already included in Debian, we could go beyond that and
include more similar initiatives or something like FOAF-SSL tried to be.

ciao

--
Jaromil, Dyne.org Free Software Foundry (est. 2000)
We are free to share code and we code to share freedom
Web: https://j.dyne.org Contact: https://j.dyne.org/c.vcf
GPG: 6113 D89C A825 C5CE DD02 C872 73B3 5DA5 4ACB 7D10
Confidential communications: https://keybase.io/jaromil