On Sat, 2011-01-08 at 13:34 +0200, Stefan K?gl wrote: > Hi, > > On Sat, Jan 8, 2011 at 1:06 PM, Bernd Schlapsi <brot at gmx.info> wrote: > > Will the https access always be available in the future beside the http > > access? > > If yes I will write feature requests for all 3 libraries to include the > > option to use a https connection instead of http > > I think we should be able to offer https, however I don't know yet > if/how this would increase the server load, if all clients would start > using only https. Would be nice to see some access/user statistics and some information about the server gpodder.net is running on at the moment. > > Some time ago an Authentication API has been implemented (but no yet > documented). Once finished, we could use it so that at least the > authentication is done via https. This would be a step in the right direction, but wouldn't secure the service that much. A few month ago the Firefox extension Firesheep demonstrated that only a https connection could secure the Authentication and Session information. I'm aware that the information on gpodder.net isn't that sensitive, but I prefer to use https with cloud services. Bernd