public inbox for gentoo-dev@lists.gentoo.org
From: Dane Smith <c1pher@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Bugzilla 4 migration
Date: Mon, 07 Mar 2011 09:50:42 -0500
Message-ID: <4D74F0C2.2060301@gentoo.org>
In-Reply-To: <20110307144819.GA28374@kaini.schwarzvogel.de>

On 03/07/2011 09:48 AM, Tobias Klausmann wrote:
> Hi! 
> 
> On Mon, 07 Mar 2011, Mike Frysinger wrote:
>>>> If *anybody* can't use SSL for any reason please yell so that we can
>>>> decide if we leave it as it is (plain + encrypted) or not.
>>>
>>> Is there any *real* reason to force SSL? It is *hell* slow.
>>
>> it should of course be forced for logging in
> 
> If it is enforced for login, it should be enforced for logged
> in sessions, cf. Cookie stealing (for a POC: Firesheep). And no,
> restricting the login cookie to an IP is *not* "safe enough".
> 
> Regards,
> Tobias
> 

First off, a big thanks to infra and all involved in the migration. It
looks awesome!

As to the SSL bit, there is *no* reason not to be using SSL for anything
that requires a username / password. And I 100% agree with Tobias. If
it's necessary to use SSL to log in, it's necessary to use it for the
duration of the session. I don't know how feasible it is to do, but if
normal viewing (no login) can be left SSL free, I see no issue there.
Otherwise, however, SSL should be in use.

Regards,
-- 
Dane Smith (c1pher)
Gentoo Linux Developer -- QA / Crypto / Sunrise / x86
RSA Key: http://pgp.mit.edu:11371/pks/lookup?search=0x0C2E1531&op=index