On 21/03/16 08:06, Tom Hughes wrote:
On 21/03/16 06:16, André Riedel wrote:
We've got a bug report at the Chemnitzer Linux-Tage. osm.org should be
added as alternative name in the openstreetmap.org certificate. This
is important for the link shortener.
https://osm.org/go/0MIaEuZzQ-?m=
Do we actually generate that name anywhere? or have you just assumed
that you can change it to https?
Tom
The same here, the SSL works correctly for www.openstreetmap.org , and
it does not work for www.osm.org
It is well known that SSL encrypts a web-page content, but it is less
understood that the SSL also encrypts the URL itself (except the domain
name). So with SSL (https://) people who monitor a LAN can see that
openstreetmap.org (or osm.org) were visited, but it is not possible to
see what part of the map was looked at, as anything after .org is
encrypted. I read about it and probably tested it with network analyzer
https://www.wireshark.org/
But SSL adds some additional load to web-servers. So if one just looks
at the map in general there is no sense to use https://, but if planning
a trip in a risky environment, for example for humanitarian workers, it
would be safer to use SSL.
brgds
Oleksiy
_______________________________________________
dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/dev
