On Wed, Jun 25, 2014 at 7:32 AM, Eric H. Christensen <[email protected]> wrote:
> Also, it appears that the server supports EXPORT cipher suites. I'd
> recommend just supporting HIGH ciphers.

Thinking a little more outside the box, how about supporting null cipher, for those users coming from ham RF networks? By supporting HIGH and eNULL, the browser gets to choose. Most browsers will choose HIGH, unless the ham has specifically configured their browser not to allow encryption.

How is this secure compared to plain text http?

1) The remote server is authenticated (not currently the case, because Curt did not tell us which self-signed cert to expect. Maybe he could send a PGP-signed message to let us know what key to expect on the server, or get his cert signed by one of the free, trusted CAs like StartCom)

2) You can turn on SSL client authentication and use it in lieu of passwords. There's a MediaWiki extension for this: http://www.mediawiki.org/wiki/Extension:SSL_authentication, and the ARRL signs certificates, free (free world-wide, regardless of membership), that can be trusted more than a CAPTCHA.

Tom KD7LXL
_______________________________________________
Xastir mailing list
[email protected]
http://xastir.org/mailman/listinfo/xastir
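
The distinction the message above relies on (EXPORT suites are weak, eNULL suites drop encryption but keep server authentication, anonymous suites drop authentication) can be checked against a server's offered suite list. The following is an added example, not part of the original email or the Xastir project; the suite list is constructed from standard OpenSSL names, and `classify` and `audit` are hypothetical helper names.

```python
# Constructed sample: OpenSSL suite names as a scanner might report them.
# This is not output from the Xastir server.
SAMPLE_OFFERED = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "AES256-SHA",
    "EXP-RC4-MD5",
    "EXP-DES-CBC-SHA",
    "NULL-SHA256",
    "ADH-AES128-SHA",
    "AECDH-NULL-SHA",
]


def classify(name):
    """Label one OpenSSL suite name by the properties the thread cares about.

    Strength grading (HIGH/MEDIUM/LOW) is not attempted here; only export
    grade, missing encryption and missing authentication are detected.
    """
    parts = name.split("-")
    labels = set()
    if parts[0] == "EXP":
        labels.add("export")             # export-grade key length
    if "NULL" in parts:
        labels.add("no-encryption")      # eNULL: payload sent in the clear
    if "ADH" in parts or "AECDH" in parts:
        labels.add("no-authentication")  # aNULL: server identity unverified
    return labels or {"encrypted+authenticated"}


def audit(offered, allow_enull=True):
    """Return {suite: [reasons]} for suites that break the policy.

    Policy assumed from the thread: no EXPORT suites, the server must be
    authenticated, and eNULL is tolerated only when allow_enull is True.
    """
    findings = {}
    for name in offered:
        labels = classify(name)
        reasons = []
        if "export" in labels:
            reasons.append("export-grade")
        if "no-authentication" in labels:
            reasons.append("server not authenticated")
        if "no-encryption" in labels and not allow_enull:
            reasons.append("no encryption")
        if reasons:
            findings[name] = reasons
    return findings
```

With `allow_enull=True`, `NULL-SHA256` passes because the certificate check still applies, while `AECDH-NULL-SHA` is flagged because it provides neither encryption nor authentication.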
