Karl Fogel wrote: > Lukasz Szybalski <[email protected]> writes: >> Hello, >> Could you guys elaborate on why every page on launchpad.net is only >> accessible via https? > > Security -- that is, protection from impersonation. We don't want to > send passwords or user-specific cookies over plaintext http://, because > that might make it possible for someone to impersonate a user, change > that user's personal data, or view to data that only that user should > have access to.
Agree. But, as another for instance, having download tarballs only accessible via https makes it a bit harder for places where you're grabbing those via wget or the like (you have to pass the ignore-invald-cert option) Monty _______________________________________________ Mailing list: https://launchpad.net/~launchpad-users Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-users More help : https://help.launchpad.net/ListHelp
