From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Pwgem-0006IN-MH for garchives@archives.gentoo.org; Mon, 07 Mar 2011 20:03:57 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A0DA31C04D; Mon, 7 Mar 2011 20:03:43 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 3D9141C072 for ; Mon, 7 Mar 2011 20:03:13 +0000 (UTC) Received: from [192.168.1.2] (ip-78-94-189-156.unitymediagroup.de [78.94.189.156]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: idl0r) by smtp.gentoo.org (Postfix) with ESMTPSA id A68321B402D; Mon, 7 Mar 2011 20:03:11 +0000 (UTC) Message-ID: <4D7539F7.6020402@gentoo.org> Date: Mon, 07 Mar 2011 21:03:03 +0100 From: Christian Ruppert User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110306 Thunderbird/3.1.9 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org CC: =?UTF-8?B?TWljaGHFgiBHw7Nybnk=?= , klausman@gentoo.org Subject: Re: [gentoo-dev] Bugzilla 4 migration References: <4D7410E3.3070708@gentoo.org> <20110307101214.37beac3a@pomiocik.lan> <20110307144819.GA28374@kaini.schwarzvogel.de> <20110307204708.5da83080@pomiocik.lan> In-Reply-To: <20110307204708.5da83080@pomiocik.lan> X-Enigmail-Version: 1.1.2 OpenPGP: id=B427ABC8 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enigC52157F11887A9AA0C08BF67" X-Archives-Salt: X-Archives-Hash: 02a012d95cef5718c0581a74a4feb454 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC52157F11887A9AA0C08BF67 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/07/2011 08:47 PM, Micha=C5=82 G=C3=B3rny wrote: > On Mon, 7 Mar 2011 15:48:19 +0100 > Tobias Klausmann wrote: >=20 >> On Mon, 07 Mar 2011, Mike Frysinger wrote: >>>>> If *anybody* can't use SSL for any reason please yell so that we >>>>> can decide if we leave it as it is (plain + encrypted) or not. >>>> >>>> Is there any *real* reason to force SSL? It is *hell* slow. >>> >>> it should of course be force for logging in >> >> If it is enforced for login, it should be enforced for logged >> in sessions, cf. Cookie stealing (for a POC: Firesheep). And no, >> restricting the login cookie to an IP is *not* "safe enough". >=20 > Why does everyone assume it needs to be enforced? If user is interested= > in protecting his/her data, he/she can simply use https://. If he/she > is not, there is no real reason to enforce slower (and not always > supported) SSL. >=20 > It's like forcing everyone to have doors with semi-automatic locks. >=20 *I* think it's ok if we're going to protect *our* data. Some user may even benefit from it. I don't see any disadvantages for our users. --=20 Regards, Christian Ruppert Role: Gentoo Linux developer, Bugzilla administrator and Infrastructure member Fingerprint: EEB1 C341 7C84 B274 6C59 F243 5EAB 0C62 B427 ABC8 --------------enigC52157F11887A9AA0C08BF67 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNdTn3AAoJEMOx0zmdw4Z1A3kIAJfye4/ALqoILpewCCBYP/R7 qCLOtpa+WQdUIGdWYdSUIBcUswngwCjmInUpjokiDglA4PjetVnvDk9hPN7itr4A GIGRBVXTA5EaJKDM8xk3vfY/2kO6X/x4BRndRoLciAH2eVf/Lv23Ihm1MI/s+JWQ 4CpYX3zoKAtRrufgq7LN+yXnU8g3qw1nxmDhFWwmnXqQxn499GkWloDlezphqQhe ON2N0wChTwMQqQ5aXQx0J0xcysZMV7UGt01h4oDr53fqS+mqR04mvp4NI6k2SHQv vmHyBH8TLVKuCKyJOEOGoGeeramxGGKkG5u6prlfWefXHmYB2LnzBe+CWT7kqEM= =BY0H -----END PGP SIGNATURE----- --------------enigC52157F11887A9AA0C08BF67--