On Wed, 25 Jun 2014, Jason KG4WSV wrote:
Ok, that was a bit flippant of me, but I think the level of security provided is proportionate to the data being protected in this case. YMMV.
That's where my mind-set was. I was trying to get light encryption going from the browser to the server, not protect against serious attacks or spammers. The captcha has done a good job so far against spammers however.
It will protect your wiki password from casual interception at the coffee shop, which is important if you're bone-headed enough to use a password that is also used to secure more important things (bank accounts). No it won't protect against MITM. OTOH one reason to go ahead and get a signed certificate is that security conscious networks (govt, many corporate networks, etc) block sites using self-signed certs.
I've had several people point out ways to do real certificates. It's appreciated. I'm not trying to make this little wiki/mailing-list server my life's work. Just enough to get the job done. If the number of bits of encryption for the self-signed cert isn't adequate I can redo it. If it's enough as-is to protect someone wiki password in most cases, then I'd rather not tweak it. The larger amount of work yesterday was to get protocol-independent URL's working on the Wiki. I had to tweak a few links here and there that specifically included "http://www.xastir.org"; in the URL. They now read "//xastir.org". Let me know if any local links on the Wiki take you out of https mode and I'll fix them. -- Curt, WE7U. http://wetnet.net/~we7u APRS Client Capabilities: http://wetnet.net/~we7u/aprs_capabilities.html _______________________________________________ Xastir mailing list [email protected] http://xastir.org/mailman/listinfo/xastir
