[SAC] Stuck on Website Migration

Martin Spott Martin.Spott at mgras.net
Thu Nov 10 03:26:20 EST 2011


Hi, just a short comment before the discussion leaves the list (well,
maybe it already did ....  ;-)

On Wed, Nov 09, 2011 at 12:18:34PM +0000, Jorge Gustavo wrote:

> So, my approach is:
> i) support LDAP logins in D7 http://www-new.osgeo.org/
> ii) support SSL in D7 http://www-new.osgeo.org/

Please swap these two: Getting SSL encryption working should be the
first step _before_ people start sending their unencrypted LDAP
passwords over The Net.  Generally speaking your PW is already to be
considered as being compromised even if you've done that just one
single time.
Now think of how many services you're using with this password ....

Cheers,
	Martin.
-- 
 Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------


More information about the Sac mailing list