Hi Anne, hi All:
Here, in EEA I've noticed and see the same reasons that Glenn exposes,
with subtle emphasis on the reasons three , four and five.
Regards
---
Delfi Ramirez
My digital signature [1]
+34 633 589231
del...@segonquart.net [2]
twitter: delfinramirez
IRC: segonquart Skyp
On Sat, Oct 18, 2014 at 2:50 PM, Anne van Kesteren
wrote:
> I'd be interested in hearing why sites such as forums have not made
> the switch yet. If you're hosting passwords it seems downright
> irresponsible at this point to not use TLS.
>
The most common reasons I've seen are:
- People asking
On Sat, Oct 18, 2014 at 7:14 PM, Roger Hågensen wrote:
> This precludes that a site has a certificate, and depite someone like
> StartSSL giving them out free, sites and forums still do not use HTTPS.
We recently started doing this for whatwg.org. It was not a big deal
(though quite a bit of work
On 2014-10-17 17:09, Nils Dagsson Moskopp wrote:
Roger Hågensen writes:
Also http logins with plaintext transmission of passwords/passphrases
need to go away, and is a pet peeve of mine, I detest Basic
HTTP-Authentication which is plaintext.
Note that Basic Auth + HTTPS provides reliable tran
Roger Hågensen writes:
> Also http logins with plaintext transmission of passwords/passphrases
> need to go away, and is a pet peeve of mine, I detest Basic
> HTTP-Authentication which is plaintext.
Note that Basic Auth + HTTPS provides reliable transport security.
> Hashing the password (or
Was "Re: [whatwg] Proposal: Write-only submittable form-associated
controls."
On 2014-10-16 01:31, Eduardo' Vela" wrote:
If we have a password manager and are gonna ask authors to modify their
site, we should just use it to transfer real credentials, not passwords..
Passwords need to die anywa