[gpodder-devel] secure gpodder.net

  • From: brot at gmx.info (Bernd Schlapsi)
  • Date: Sun, 09 Jan 2011 15:14:54 +0100

On Sat, 2011-01-08 at 13:34 +0200, Stefan K?gl wrote:
> Hi,
> On Sat, Jan 8, 2011 at 1:06 PM, Bernd Schlapsi <brot at gmx.info> wrote:
> > Will the https access always be available in the future beside the http 
> > access?
> > If yes I will write feature requests for all 3 libraries to include the 
> > option to use a https connection instead of http
> I think we should be able to offer https, however I don't know yet
> if/how this would increase the server load, if all clients would start
> using only https.

Would be nice to see some access/user statistics and some information
about the server gpodder.net is running on at the moment.

> Some time ago an Authentication API has been implemented (but no yet
> documented). Once finished, we could use it so that at least the
> authentication is done via https.

This would be a step in the right direction, but wouldn't secure the
service that much.
A few month ago the Firefox extension Firesheep demonstrated that only a
https connection could secure the Authentication and Session
I'm aware that the information on gpodder.net isn't that sensitive, but
I prefer to use https with cloud services.


Other related posts: