|
Boost : |
Subject: Re: [boost] [website] SSL certificate
From: Rene Rivera (grafikrobot_at_[hidden])
Date: 2010-08-16 13:14:04
On 8/16/2010 11:53 AM, Thomas Heller wrote:
> Rene Rivera wrote:
>
>> On 8/16/2010 11:39 AM, David Abrahams wrote:
>>> I suppose, pretty soon, we may
>>> not need to have any https stuff on our own domain anyway, but as long
>>> as we do have to do that, it would be good to have a cert that doesn't
>>> raise any alarms.
>>
>> Hm.. I guess this is a pertinent question.. Do we really need HTTPS
>> stuff even now? I mean..<http://svn.boost.org/svn currently> works. So
>> it's just a matter of turning on<http://svn.boost.org/trac>.
>
> The problem is sending usernames and password unencrypted. Which would be
> the case when turning of SSL.
Even for HTTP svn doesn't send passwords in the clear, IIRC. And I'm
fairly sure neither does Trac.
-- -- Grafik - Don't Assume Anything -- Redshift Software, Inc. - http://redshift-software.com -- rrivera/acm.org (msn) - grafik/redshift-software.com -- 102708583/icq - grafikrobot/aim,yahoo,skype,efnet,gmail
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk