> On Jan 27, 2016, at 7:32 AM, Trygve Inda <[email protected]> wrote:
>
> It is basically a cost issue. It is expensive to set up SSL certificates on
> 8 different servers... It would cost us about $700/yr
Sounds like you’re being overcharged. SSL on hosted domains used to be pricey
(partly due to the CPU overhead of the encryption) but hosts like Dreamhost are
now offering it as a free add-on. And Let’s Encrypt makes getting and
maintaining a cert free and fairly easy.
https://www.dreamhost.com/blog/2016/01/20/free-ssltls-certificates-at-dreamhost-with-lets-encrypt/
https://letsencrypt.org
> and add little benefit as it has been working fine with http (no s) for more
> than 10 years.
This is kind of like living in a small town that’s now grown into a big city,
and still refusing to lock your doors at night. :)
The site may have been fine so far, but the world around it is changing. Both
attacks against and surveillance of cleartext connections are increasing, and
there’s a growing consensus that unencrypted HTTP should be deprecated. Apple’s
ATS is a sign of that.
https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/
https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
I think it’s pretty likely that, within a year or so, users of your website or
app* are going to be seeing scary security warnings in their browser or mobile
device unless you move to HTTPS.
—Jens
* My bet is that the next step (in iOS 10 / OS X 10.12?) is that the OS will
put up a security alert when your app makes a non-SSL connection. Something
like “FooApp wants to make an insecure connection to www.foo.com. Data could be
eavesdropped on or tampered with. Is this OK?” Then after that, a year or two
later, they’ll start rejecting apps from the App Store for this.
_______________________________________________
Cocoa-dev mailing list ([email protected])
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to [email protected]
