[gpodder-devel] secure gpodder.net
- From: brot at gmx.info (Bernd Schlapsi)
- Date: Sun, 09 Jan 2011 15:14:54 +0100
On Sat, 2011-01-08 at 13:34 +0200, Stefan K?gl wrote:
> Hi,
>
> On Sat, Jan 8, 2011 at 1:06 PM, Bernd Schlapsi <brot at gmx.info> wrote:
> > Will the https access always be available in the future beside the http
> > access?
> > If yes I will write feature requests for all 3 libraries to include the
> > option to use a https connection instead of http
>
> I think we should be able to offer https, however I don't know yet
> if/how this would increase the server load, if all clients would start
> using only https.
Would be nice to see some access/user statistics and some information
about the server gpodder.net is running on at the moment.
>
> Some time ago an Authentication API has been implemented (but no yet
> documented). Once finished, we could use it so that at least the
> authentication is done via https.
This would be a step in the right direction, but wouldn't secure the
service that much.
A few month ago the Firefox extension Firesheep demonstrated that only a
https connection could secure the Authentication and Session
information.
I'm aware that the information on gpodder.net isn't that sensitive, but
I prefer to use https with cloud services.
Bernd
Other related posts:
