#sphinx-doc

it'd be nice if sphinx-doc.org would finally introduce HTTPS :)

it's 2018, 2 years of let's encrypt...

that would be readthedocs.org issue

TheAssassin,

oh, it's hosted externally?

used to be hosted by pocoo

yeah

hm, http://flask.pocoo.org/ is also not HTTPS :)

but yeah, valid point

although I guess you guys are who would need to contact rtd about it

you don't really need your documentation in https and if you're concerned about privacy then use tor

yes but readthedocs should be https

and to pre-empt the what if it gets manipulated in transit, I'd only point to signed or hashed distributions of docs with the packages themselves

Hasimir: well that's a really ignorant statement

HTTPS significantly increases user's privacy

it's not really about the integrity of the contents

but with HTTPS enabled, a surveillor could never tell what pages you click on etc.

HTTP is considered deprecated furthermore

soon browsers will probably show security warnings before letting you visit a non-SSL page

Blendify: btw, there's no way to view the docs on https://readthedocs.org/projects/sphinx/ or so, it redirects to sphinx-doc.org

might be https://docs.readthedocs.io/en/latest/alternate...

yeah sure that's a possibility, although in that case it's probably easier to just compile & host it yourself ;)

even GitHub pages use Let's Encrypt to provide SSL support to people with custom domains... perhaps read the docs should introduce that too

My project host it self and it is a lot of work

no auto deployment?

we had to write our own cron task to watch an svn repo

I guess there's a reason you don't use some push-style notification using the SVN commit hooks?

Im not sure...

I took over the project after it was mostly setup

and Im not our server guy

I solve such stuff with Docker containers, I wrote a little tool in Go (https://github.com/TheAssassin/docker-deploy) to which you can just perform HTTP requests to trigger some sort of script

this could be used to recompile and redeploy some sphinx doc

hm, I should probably push my recent changes to docker-deploy sometime soon

anyway, I hope someone here can introduce SSL soon :)

TheAssassin, hence my point about utilising Tor for that purpose while retaining the ability to communicate with those who may not have the most up to date hardware and software

and depending on the target site, traffic analysis could still reveal a lot (without taking into account past issues like shared primes, etc.)

also, does readthedocs.org use websockets? because if so then ssl/tls becomes somewhat more annoying, the same is true with CDNs involved (especially if running a site that is politically incorrect enough to be told to go to hell (currently the naughty list is occupied by nazis and escorts)