[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: https for debbugs.gnu.org
|
From: |
Bob Proulx |
|
Subject: |
Re: https for debbugs.gnu.org |
|
Date: |
Sun, 16 Nov 2014 16:24:23 -0700 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
Glenn Morris wrote:
> Bob Proulx wrote:
> > > debbugs.gnu.org is now also available via https.
> > >
> > > If you find an internal link on the https version that points to the
> > > http version, please report it here.
> >
> > https://debbugs.gnu.org/cgi-bin/mailman/admindb/debbugs-submit
>
> Well, I was really only thinking of the web-pages available to the
> general public. But if you know how to fix Mailman, patches welcome.
Uhm... I haven't hacked on Mailman before. The FSF's lists.gnu.org
Mailman installation has been patched for it. It operates there
fine. So perhaps the same patches already installed there can be
shared? I am not even sure who to ask about it. I have a ChangeLog
that says it happened around 2011-04-20.
Having https for security for the session cookies would be a very good
thing. So far I haven't heard of any sniffing attacks against the
lists but still. Unfortunately https for that page doesn't really
work right unless it works right throughout.
I will just go back to using the non-https pages again. We are all in
the same boat of being resource limited. Can only do what we can do.
Bob