On 29 December 2014 at 07:26, Markus Sabadello <[email protected]> wrote:
> Another thing Sunil and I talked about yesterday is > https://letsencrypt.org/ > > If we add that to fbx, all our SSL problems should go away, right? > Let's hope so! > No matter if we use subdomains or not.. > You still have to deal with Same Origin Policy which applies to a bunch of stuff other than mixed content. For example, localStorage, web crypto API, perhaps more. I like the sub domain pattern a lot, perhaps we should make a list of the trade offs. > > Markus > > > On 12/29/2014 01:17 AM, Ingo Stock wrote: > > Hi, > > on 28/12/14 22:45, Markus Sabadello wrote: > > One pattern I have been experimenting with is creating subdomains for > each new application which has a web interface. > I think this is more reliable than using folders, since some > applications may assume they are installed at the root /. > > The problem with subdomains used together with self assigned > ssl-certificates is, that the browser will request the user to add a > security exception for every subdomain, even with a wildcard > certificate. This behavior is completely on the client side. Else the > user would have to install her personal CA in the browser. > > Using directories is indeed less reliable, but possibly the better way > in regard to user experience. For software assuming to run in the root > directory, the code has to be rewritten on-the-fly by the webserver, > which is quite dirty. > > atb, ingo > > > > > _______________________________________________ > Freedombox-discuss mailing > [email protected]http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss > > > > _______________________________________________ > Freedombox-discuss mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss >
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
