On 02/24/2013 03:31 AM, Martin Spott wrote:
> Hi,
> I planned to report a bug concerning building QGIS trunk on my (my
> wife's) PeeCee at home and while loggin into "hub.qgis.org/login" I
> noticed that this site:
> 
> a) Apparently authenticates against OSGeo LDAP, but
> b) is not capable of properly retrieving the real name and EMail
>    address from OSGeo LDAP,
> c) does *not* enforce HTTP SSL encryption at login and, moreover
> d) does not even *permit* HTTP SSL encryption at login.
> 
> While b) just lets you *look* bad, c) is very bad style and d) is very
> bad overall, because you're compromising OSGeo passwords.  Please
> *always* add proper encryption whenever authentication is affected.
> 
> Thanks,
>       Martin.
> 

Yup, I've been aware of it and have been constantly asking the qgis PSC
to sign up for a free SSL cert from StartSSL. I can sign up for the cert
and just have it emailed to me but much preferred that the qgis admins
had the account it was under.

Thanks,
Alex
_______________________________________________
Qgis-developer mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/qgis-developer

Reply via email to