2012/5/3 Ioan Eugen Stan <stan.ieu...@gmail.com>: > Great, > > Pe 03.05.2012 12:15, Manuel Carrasco Moñino a scris: > >> Yep, enabling ssl in jetty server is the easiest way, I did not because we >> need a valid ssl certificate for the server. >> >> Do you know if ASF provides certificates for servers? > > > I don't know. > > >> I'll configure jetty to listen in 443 with a non trust certificate and >> I'll >> write a banner about the issue. > > > A personal signed + banner will do for me and most people I think. > > >> Communication between our server and gmail is encrypted though >> > > Not of much use if he gets my password :). Regarding this, a delegation in > hupa is important. > > Having just SSL will make man-in-the-middle sniffing possible and if hupa is > used as a client for services like GMail some people may be affected. I will > put a JIRA for this. > > Thanks, > >
Added https://issues.apache.org/jira/browse/HUPA-91 . -- Ioan Eugen Stan http://ieugen.blogspot.com/ *** http://bucharest-jug.github.com/ *** --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
