Steve,

If you don't like seeing cumbersome security warnings for insecure https connections, how about not using https when what you really want is http in the first place?

Because I don't necessarily have the choice. When I'm reporting a bug on a given open source Trac, they often put https on them because they think it's better for them (and for them it is because they generated the certificate and so on), and there is no http version. Note that when I use https for myself, I import my CA in firefox, so I don't have a single warning, so I kind of know how to avoid them when I care about https. But there isn't always a plain HTTP alternative, and that is what makes it a real PITA.

Okay, you want to warn the user the https isn't secure, there are plenty of ways that don't require you to add an exception on a certificate. I spoke of the little lock, because that's what is even on IE, but please remember than when you browse trusted https, the URL bar is in this kind of yellow. Well, if the https is unsecure, just don't put that background. If you really want, you can add some kind of rosa color to mark that it's "bad" but it in a not too terrible way (in opposition to a broken/invalid certificate and where the URL bar should be blinking red with an air-raid like siren).

I repeat, the fact that the HTTPS certificate is self-signed never changes the fact that when a given user goes on this kind of https site, he wants to be there, and HE WILL click on the 5 silly steps of the SSL exception thing. So why bother ? It serve one single purpose: pissing users off.

And for what it's worth, I disagree with you, most of the people that are not computer related I know absolutely don't know they could think that http_s_ is more secure than http. Each time I give them an URL without the http:// part they ask, is this https or http ?, because they absolutely don't get the difference, and I don't try to explain it to them, because this would lead them to think https is better. Those kind of people only rely on visual helpers from the browser part. They really do.

PS: yes I also believe that bad security is worse than no security because it gives the illusion for people to be safe, and then they have bad behavior. When your condom is broken, things can go really wrong. But you missed my point, in the sense, probably because I'm too annoyed to make it clear inbetween rants. My point really was what I tried to explain, namely that if people don't know they should think there is security in the first place, your remark is moot, and for the other you can activate the different URL background, it's just fine. Of course, invalid certificates must remain a pain to go through, this whole thing is only about the untrusted ones.

Okay, following my irritated post I received (sigh) complaints about me being too harsh. So to these people here is what I say, because I'm tired answering the same thing over and over.

For starters, the SSL dialog in firefox is badly designed:

1. My mom doesn't grok it, so it totally fails the "corridor testing" (see JoelOnSoftware if you don't know what it is), stop pretending otherwise;
2. since it fails with the "average not very computer literate user", I, as an advanced user, believe to be representative of this kind of person, say and affirm that this UI is completely broken and horrible, not to mention counter-intuitive.

That said, I have other things to say on the form. Yeah I've been harsh, and I will continue to be about this issue: this has not been designed with the simplicity in mind, but by geeks (FSVO geek) that believe that it's important to educate people about how nice HTTPS is and that everyone should talk in S3kr3t because its 733t. And I'm sure they tried very hard to make it very painful for users to have to deal with HTTPS and not believe in it to be trusted for bad reasons. Why ?

• because geeks want to use https when possible ;
• but they care about it to be secure (FSVO secure);
• and that they want the whole world to do like them because they know the TRUTH.

HELLLOOOO PEOPLE this is the wrong way to do it. People are already aware that it is https, because they did typed https in the URL. And again, my mom doesn't know what the s in https stands for and she doesn't care. What she cares about is to see the small lock when she logs on her bank website, not even when she goes on her webmail. You REALLY want to make a simple UI ? Well, please try to explain and justify (with real arguments) Why on earth is https with an untrusted certificate less secure than http ?.

Okay I'll let you 3 seconds to think.

1
2
3…

What is your answer ? OH see ? it isn't. So now second 1€ question, why does it need to be more painful to use https with an untrusted certificate than plain http ?. Well, I don't have 3 seconds to give anymore, so let's jump to the answer: there is absolutely no reason.

See, I'm far from an UI expert, and what I use every day for UIs would revulse 99% of the planet: vim as an editor, awesome as a tiling window manager, vimperator for a browser, and I live most of the time in a terminal. But it takes me like 10 minutes to design what I believe to be an excellent UI for https with untrusted certificate: just don't mind the certificate and show it like plain HTTP.

YES I'M ANNOYED

That brings me to the last point. I see in my comments, and have received the same by mail, that I should not be harsh with people writing such a brilliant piece of software.

Well, the fact that firefox is or is not a good piece of software is totally irrelevant. When you claim no less than trying to reinvent the web, well, if you fuck up this big, you deserve it. No matter if it's a free piece of software or not. (or a piece of free software or not).

When you request your users to click on FIVE completely counter-intuitive buttons/urls to finally be able to see a webpage they want to see (and my mom doesn't care about the webmail being insecurely hosted, really), with the first screen being almost the same than what you get when a serer timeouts or 404, well, you're just out of your mind. There is absolutely nothing that can excuse such a bad design, and the SSL thing is a failure. I mean everyone is laughing at the vista way of asking you if you really meant to go pee, well I see no difference here, it's as dumb and inefficient.

No matter how much firefox did improved (and it did memory wise, believe me, I feel it, and I'm really glad about that), https is part of my everyday's life. Those five clicks are a real PAIN. When I'm reading documentation, browsing some sources, and so on, I go through this dialog about 3 to 10 times in a row. I'm totally unimpressed, and just because a couple of geeks believed that it was GOOD™ to educate me about how dangerous untrusted certificates are, I have to break my workflow to grab my mouse in the middle of my work. No sorry, I don't really want to be calm.

In fact, what annoys me the most, is that I'm a programmer. And as a programmer, the worst thing to me, is regression. Regression is what happens when you're sloppy, and don't test your program enough. It's what happen when you aren't good enough to keep your concentration, and don't see the big picture, and constantly break your program invariants. So when I see a regression that people did on purpose, well, it shocks me beyond what I can explain with words, that's the worst thing you can do to a piece of software. I won't really mind a new feature that only partially works, I won't mind if a feature that is complicated to write isn't there after 5 years dreaming of it, but this ? I do mind. There is no way to consider that ruining a piece of software like that to the name of A Greater Good is excusable.

Oh and last words: wanting to educate people this way is a way worst offense that what I will ever say on the subject. Such a condescending approach to what they think of their users reminds me of various journalists that I met, and that when I tried to rephrase some things so that they can write about it to their readers, answered to me oh you know, they're too dumb, they'll never understand. And as a result, articles or interview are always distorted, can't interest the readers that don't care about the subject a lot, because there's nothing captivating in the article, and is totally inexact and uninteresting to people interested in the matter, because it's void from its substance. Well, the SSL dialog gives me the very same impression: it's annoying to me who knows what a SSL certificate is, and my mom won't know a single bit more what an SSL certificate is and why she should care^[1].

 ┌─(1:55)────
 └[artemis] sudo dpkg --purge ion3 ion3-scripts
 [sudo] password for madcoder: 
 (Reading database ... 126510 files and directories currently installed.)
 Removing ion3-scripts ...
 Purging configuration files for ion3-scripts ...
 Removing ion3 ...
 Purging configuration files for ion3 ...
 dpkg - warning: while removing ion3, directory `/etc/X11/ion3' not empty so not removed.
 dpkg - warning: while removing ion3, directory `/usr/lib/ion3/lc' not empty so not removed.
 Processing triggers for menu ...
 Processing triggers for man-db ...
 sudo dpkg --purge ion3 ion3-scripts  1,25s user 1,19s system 12% cpu 19,539 total

AAAAAAAAAAAAAAHHHHHHHHHHHHHHHHHHHHHHHHH I feel better now.

I'm right now a proud awesome-3-git user. The current git version has 90% of what I used in ion3. I mostly mis tabs, but I'm almost already used not to have them anymore, tiling is way better after all, and there are pure lua implementations of those around, just the current one are not nice enough (IMHO) but it can only improve. Another missing feature is autocompletion in the launch command / ssh to / ... menus. But I assume this would not really be hard to add.

OTOH there are already things that I like better in awesome: it's easier to extend than ion3, the widgets are a fantastic idea, it uses antialiased fonts, and so on. And layouts are a really clever idea for sure.

See here to see what it can look like.

I sponsored (ugh!) a new ia32-libs today, which means we now are 4 RC down.

Note: I really hate this package.

For today: 469552 was downgraded for probably be a user problem and ktranslator was removed due to 469552. I know that the latter wasn't RC for very long (a couple of days at least) but the maintainer should have detect the criticity of the problem himself (the package is mostly unusable because he can't find some of its plugins or sth like that) and is totally unresponsive.

I'm pleased to announce that we went under the 400 bugs in lenny (according to turmzimmer) and around 250 bugs that are present in both lenny and sid (which is the "real" amount of bugs to fix).

Today, after Cyril Brulebois, and Sylvestre Ledru, Kumar Appaiah contacted me with ready NMUs that I sponsored right away:

• #462540 for enigma
• #455680 for python-visual

About my work:

• #452718 was downgraded as it's unreproducible with the latest fontconfig.
• #468226 was closed, as it's not really a bug (all git contributions are signed-off-by their authors per upstream policy).
• #466984 was closed, for being invalid (though one could argue that kiosktool UI sucks too).

Though, python-central had the brilliant idea to generate ~35 FTBFSes, so this week of RC-Bug-A-Day balance isn't brilliant:

On the other hand, we're almost under 100 g++-4.3 FTBFS, wich is a third of what it was 10 days ago, good job people !

Nothing really exciting today, though 1 RC fixed, and a g++-4.3 FTBFS at the same time.

Since there aren't only serious grave and critical bugs we have to fix for the release, the RM Team spontaneously decided to make a front attack to the g++-4.3 FTBFSes.

All in all we did probably more than 110 to 120 NMU to fix g++-4.3 FTBFS bugs. Our champion is definitely Marc Brockschmidt who uploaded 50 packages. I NMUed 22, and also did one QA upload. Add to that 5 sponsored NMUs for Cyril Brulebois, and one for Arthur Loiret who happens to be my NM, and fixed one of those bugs for his T&S. There are still twice as many to fix, those are really easy bugs to deal with, just give it a try !

I'd like to thank Cyril Brulebois for his awesome work on the g++-4.3 release goal. A shame that he's still elmo-ed, as he wrote more than 150 patches, and could have uploaded them himself if not still waiting for his account. Shame on us.

I must say I disagree with John a lot about git rebase.

git-rebase is the most nice feature I've ever seen float around in a SCM, and is part of the things I love in git. I mean, I do not disagree with the fact that it cannot be used in every single case. It is indeed meant to be used in private topic branches. git-rebase is meant to be used in a workflow where you have a topic branch (meaning some non releaseable nor push-able work) and that you still want to keep up with others work.

With other SCM's, you have to update your working repository, wich in many cases generates nasty conflicts, hard to deal with. Especially in svn e.g.. With git, you commit your work, pull the remote branch, and then rebase ontop of it. It makes a lot of sense, and when your topic branch is indeed ready, you can push it upstreams, and the next rebase will merge the bits that have been accepted automatically. I just can't think of a simpler way.

Btw, we use svn at work, and I do use git-svn instead of svn to be able to develop my own patches without fearing conflicts in the same way I did before. I know I will benefit from the powerfull git merging capabilities and help at any stage, even if I did not pulled the svn for a long time. That makes the developpement much more sane, as I only try to push coherent changes, hence on a less regular basis. You could not do that without git-rebase. In that sense, git-rebase is anything but evil.

Solutions Linux was great. At least I had a great time, seeing a lot of people that I meet too seldom.

A short making up is:

• Setting up a babelbox is … hackisk ;
• Debian France related: the board remains the same for one more year, bubulle and jcristau are now part of the core team;
• Bull is even worse that what I could have ever imagined (see what they came with here).

There was not as many visitors I would have hoped, but that was still a nice time.

edit: it seems only the video card was broken after all, because I carried the computer forgetting to remove the DVI to VGA adapter. So that's a 50€ loss, not a 350€+ one. I'm relieved

your work is very much appreciated.

that's an incredible tedious work. Really thank you.

I announced it, now he did it.

Denis, we will miss you, you did a damn pretty good job on many parts where you were excellent at it. I'm disgusted to see that dunc-tank pushed you out. I'm disgusted to see that people with a lot of qualities are going to do the same, and orphan a lot of packages that really need special care, and that will fall in QA for a while.

That hurts, and that hurts the Project too.

Edit: and now Benjamin is following his path. I feel sick. And those where not the one that get loud about it. They just don't recognize the Debian they knew. Who can blame them ?