Apologies for not classifying this correctly. Yes, this is not a security issue with NetBeans itself.
On Tue, Sep 25, 2018 at 1:47 PM Antonio <anto...@vieiro.net> wrote: > Hi Kenneth, > > I fully agree with you. I'd add a JIRA so we can remember it, but I > won't classify this as a security problem. For me security issues have > special priority, I don't see that priority here. > > Kind regards, > Antonio > > On 25/09/18 19:16, Kenneth Jaeger wrote: > > I understand since there is no login information being sent to > > plugins.netbeans.org, that security is less of a concern, but this is a > > front facing website. It is not just used by the IDE. Browsers are > going > > to start yelling at us when we go to any http site (as I personally think > > they should be). Call me paranoid, but I think the trend toward 100% of > > web traffic being TLS encrypted is a good one. Also if > plugins.netbeans.org > > upgrades to HTTP2, it MUST be TLS then. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@netbeans.incubator.apache.org > For additional commands, e-mail: dev-h...@netbeans.incubator.apache.org > > For further information about the NetBeans mailing lists, visit: > https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists > > > >
