[Cabal] Moving toward a more manageable FAQ

Ethan Blanton elb at psg.com
Tue Dec 19 19:38:16 EST 2006

Daniel Atallah spake unto us the following wisdom:
> On 12/19/06, Ethan Blanton <elb at psg.com> wrote:
> > (By the way, should we turn off http to that server, or redirect it to
> > https?  I think we should, at least if users are logged in or logging
> > in.)
> I've patched the AccountManagerPlugin so that it will force https for
> the Registration, Login and Account Settings editing.  I'm thinking
> that this should be adequate, and we don't need the overhead (I
> believe it is non-trivial, but I could be mistaken) of SSL for
> everything.  Does that sound reasonable, or are there additional
> things that need to be done over a secure connection?

That sounds fair to me.


The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/cabal/attachments/20061219/7bea1d03/attachment.pgp 

More information about the Cabal mailing list