Without SSL it is certainly more vulnerable to things like session
hijacking, but this is a fairly open site where any can read anything,
and just writing is restricted in certain places.
I personally don't like the SSL idea a whole lot because it slows
things down a lot (ie images/css/etc are not cached, etc), and I'm not
sure if there are any "clear and present" dangers for this site...
-David
On Apr 16, 2009, at 11:07 AM, Ean Schuessler wrote:
Is the concern that someone would spoof the doc content?
----- "Tim Ruppert" wrote:
Just wondering if we can / should start using the https on
docs.ofbiz.org? I noticed that when you log in, it just goes back
to http - and now that we have a valid cert, shouldn't we change
this?
Let me know your thoughts.
--
Ean Schuessler, CTO Brainfood.com
e...@brainfood.com - http://www.brainfood.com - 214-720-0700 x 315
