Hi Kevin, I think this is Doable.
On 02/14/2017 02:10 PM, Kevin Fenzi wrote:
Greetings. In the past we haven't bothered to make fedoraplanet.org https because some/many of the blogs that are aggregated there are http. However, now with the advent of letsencrypt, I wonder if we shouldn't revisit that. I noticed this again due to a recent gnome planet post: http://nibblestew.blogspot.com/2017/02/enabling-https-is-easy.html Proposal: * We get a https cert for fedoraplanet.org and enable it. (of course right now it will show lots of insecure content which will be anoying support wise as people ask us about it, but no more so than 'why isn't it https enabled'). * We send out an announcement asking everyone who has a blog aggregated on fedoraplanet to https enable their blogs. * We have some deadline (like 6 months? a year? less?) and after that point we drop all the http blogs and only allow https. There's no real security advantage here, other than making more traffic on the net encrypted, which I think is a good goal. What do folks think? Doable? To harsh? Pointless? kevin _______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected]
_______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected]
