[SAC] should we move to SSL only?
Alex Mandel
tech_dev at wildintellect.com
Tue Apr 8 10:08:35 PDT 2014
On 04/08/2014 06:30 AM, Zac Spitzer wrote:
> is it viable for osgeo to be offering trac etc via http in 2014?
>
>
Thanks for raising this question again. I agree Logins should be forced
to https, right now a user has to consciously choose. As for whole site
https all the time. Well if the trac instance doesn't have any private
tickets I'm not sure it's necessary. But I would be fine with
authenticated sessions staying in https.
Having non-https for non-authenticated sessions does make browsing and
anonymous svn checkouts faster.
Any other opinions?
Thanks,
Alex
More information about the Sac
mailing list