[Cabal] Moving toward a more manageable FAQ
elb at psg.com
Tue Dec 19 19:38:16 EST 2006
Daniel Atallah spake unto us the following wisdom:
> On 12/19/06, Ethan Blanton <elb at psg.com> wrote:
> > (By the way, should we turn off http to that server, or redirect it to
> > https? I think we should, at least if users are logged in or logging
> > in.)
> I've patched the AccountManagerPlugin so that it will force https for
> the Registration, Login and Account Settings editing. I'm thinking
> that this should be adequate, and we don't need the overhead (I
> believe it is non-trivial, but I could be mistaken) of SSL for
> everything. Does that sound reasonable, or are there additional
> things that need to be done over a secure connection?
That sounds fair to me.
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/cabal/attachments/20061219/7bea1d03/attachment.pgp
More information about the Cabal