On Saturday 10 Mar 2012 16:44:55 Daxter wrote: > On Mar 10, 2012, at 3:44 AM, Florent Daigniere wrote: > > On Fri, Mar 09, 2012 at 07:11:19PM -0600, Daxter wrote: > >> > >> I'm all for HTTPS, but do we really want to outright *remove* > >> functionality from the site? Sure, HTTP isn't secure and all "modern" web > >> browsers support it. However, we would be making it harder for people to > >> learn about Freenet and potentially try it out. > >> > > > > Why? You could still access it over HTTP... and be presented with > > (transparent) redirect to the secure version. > > I just scratched an itch and discovered that even Lynx supports HTTPS? If it > really is the case that HTTPS has become so ubiquitous that users wouldn't be > affected, then sure, go ahead with it. > > HOWEVER: the question really needs to be restated. Are there any countries or > ISPs that are known to disallow secure communications? > > >> In the end I think we should do what every major website does today: > >> encrypt the important data and let the entire site be accessible securely, > >> but don't force it onto people. > >> > >> -Daxter > > > > It's very difficult to do and most websites do it wrong. You have to think > > about mixed-content errors, cookie flags, ... > > > > Sending credentials in cleartext like we do on the wikis, with no secure > > alternative, is a disgrace. > > > > Florent > > > Can you give me an example of a website that in your mind does either the > mixed model or the secure-only model properly? It would be nice to compare > with them. > > Actually, the wiki supports HTTPS right now. You'll get a certificate error, > but it works.
Why do you get a cert error? We have a wildcard cert! > > While we're on the subject (as I've never bothered with HTTPS on the site > until now), turns out it's rather misconfigured. Both the wiki and the main > site return a certificate for emu.freenetproject.org? That address isn't > accessible--what was it, and shouldn't we get this fixed? Eh? I thought we used the wildcard cert for everything? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120310/9189ccf3/attachment.pgp>
