On 02/24/2013 03:31 AM, Martin Spott wrote: > Hi, > I planned to report a bug concerning building QGIS trunk on my (my > wife's) PeeCee at home and while loggin into "hub.qgis.org/login" I > noticed that this site: > > a) Apparently authenticates against OSGeo LDAP, but > b) is not capable of properly retrieving the real name and EMail > address from OSGeo LDAP, > c) does *not* enforce HTTP SSL encryption at login and, moreover > d) does not even *permit* HTTP SSL encryption at login. > > While b) just lets you *look* bad, c) is very bad style and d) is very > bad overall, because you're compromising OSGeo passwords. Please > *always* add proper encryption whenever authentication is affected. > > Thanks, > Martin. >
Yup, I've been aware of it and have been constantly asking the qgis PSC to sign up for a free SSL cert from StartSSL. I can sign up for the cert and just have it emailed to me but much preferred that the qgis admins had the account it was under. Thanks, Alex _______________________________________________ Qgis-developer mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/qgis-developer
