[Cabal] Moving toward a more manageable FAQ

[Daniel Atallah]

On 12/19/06, Ethan Blanton <elb at psg.com> wrote:
> (By the way, should we turn off http to that server, or redirect it to
> https?  I think we should, at least if users are logged in or logging
> in.)

I've patched the AccountManagerPlugin so that it will force https for
the Registration, Login and Account Settings editing.  I'm thinking
that this should be adequate, and we don't need the overhead (I
believe it is non-trivial, but I could be mistaken) of SSL for
everything.  Does that sound reasonable, or are there additional
things that need to be done over a secure connection?

-D