Share The Seeds

Share The Seeds Site => STS FAQ, Rules and Site Support => Topic started by: Hypnotastic on December 25, 2018, 04:53:11 PM

Title: SSL
Post by: Hypnotastic on December 25, 2018, 04:53:11 PM
Hi

Seems to be no https for sharetheseeds..
There are free certificates at https://www.sslforfree.com/ if its a matter of cost.

Title: Re: SSL
Post by: blackb0x on December 31, 2018, 05:02:53 PM
I really wish the site would use it, but it's been discussed before: http://sharetheseeds.me/forum/index.php?topic=3915.15
Title: Re: SSL
Post by: Hypnotastic on January 02, 2019, 12:29:13 AM
I wouldn't call SSL weak, and there are certainly more things to worry about than man in the middle attacks. Nor would I recommend (as the admin does) to use Tor to login to this website. As no data here is encrypted, the exit-node will be able to look at all the data passing through in text. WTF is admin thinking suggesting this?
Title: Re: SSL
Post by: Jansch42 on January 02, 2019, 01:59:34 PM
I agree that a https:// vertificate would be nice, we wouldn't have to worry about the european DSVGO either then.
Title: Re: SSL
Post by: humbleNinterested on December 30, 2019, 01:36:30 PM
another option which is super duper easy for the powers that be would be:

1. letsencrypt

or

2. cloudflare

the latter can be setup in less than 5 minutes by rerouting the DNS configuration through cloudflare, and both options are free
Title: Re: SSL
Post by: BubbleCat on December 31, 2019, 05:17:40 PM
SSL itself isn't weak. But most browsers implementation have a consistent history of 'my grandmother would do a better job writing it in x86-assembly while drunk'.
Either way: True. It would be nice to have. Certbot / Letsencrypt makes it easy as cake. Problem: We're a bus without a driver.