Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS for release artifacts on eddylab.org #335

Open
xunjieli opened this issue Dec 20, 2024 · 1 comment
Open

HTTPS for release artifacts on eddylab.org #335

xunjieli opened this issue Dec 20, 2024 · 1 comment

Comments

@xunjieli
Copy link

Currently documentation says to download the source code from http://eddylab.org/software/hmmer/hmmer.tar.gz. Plain HTTP is blocked for security reasons for us and probably at other institutions. Can you consider serving that source code from a server that supports HTTPS?
In the meantime, I will download the source code from Github's release page.
@cryptogenomicon
Copy link
Member

I'm planning to have our web site support https but it is not a high priority. Probably sometime next year.

Blocking http sounds like a bad IT decision that your folks should think again about. I'm unaware of any security issue with downloading a code tarball over http. You've already accepted a much more obvious security issue by downloading and running arbitrary code from a third party (me), and https doesn't help you there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xunjieli @cryptogenomicon