[Qgis-developer] secure qgis.org - SSL certificate
Tyler Mitchell
info at locatepress.com
Wed Oct 10 09:06:36 PDT 2012
Just FYI that OSGeo has used comodo in the past - not sure if there could be a discount option for > 1 domain :)
On 2012-10-10, at 5:26 AM, Matthias Kuhn wrote:
> Hi,
>
> at the HF we started to talk about making qgis.org a little bit more
> secure.
> At the moment, the password that is used to authenticate for the wiki,
> bugtracker etc is transmitted in cleartext. I urge everybody to not use
> the same password than for their onlinebanking at the moment (you
> probably know that you shouldn't anyway and of course have not been
> using the same password on different sites, right?).
>
> Nevertheless, this needs to be fixed.
>
> Short summary of options (incomplete):
>
> cacert
> http://www.cacert.org/
> Open approach to certification, based on community efforts.
> Unfortunately not installed by default on most browsers.
>
> thawte
> http://www.thawte.com/
> Looks like they offered free certificates to opensource projects some
> years ago. Maybe we could ask them if this offer is still valid.
>
> comodo
> http://www.comodo.com/
> Pretty cheap offers
>
> startssl
> https://www.startssl.com/
> Also cheap offers (starting from free)
>
> Would we need a wildcard certificate? Probably yes, as we want it to be
> valid for hub.qgis.org, wiki.qgis.org etc...
>
> Here discussion I found for another opensource project which changed its
> provider for ssl certificate:
> http://drupal.org/node/1386548
>
> In the end they ordered one on http://www.namecheap.com/
>
> What do you think?
>
> _______________________________________________
> Qgis-developer mailing list
> Qgis-developer at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/qgis-developer
-----
Tyler Mitchell, Publisher
Locate Press, info at locatepress.com
Open Source "geo" Books
http://www.locatepress.com
More information about the Qgis-developer
mailing list