This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/members-discuss@ripe.net/
[members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Previous message (by thread): [members-discuss] [address-policy-wg] RIPE NCC Charging Scheme 2016 Discussion
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Paul Civati
paul at racksense.com
Thu Jan 22 16:48:01 CET 2015
(cc members-discuss) Mihnea-Costin Grigore <mgrigore at ripe.net> wrote: > Dear colleagues, > > We plan to make the www.ripe.net website available over HTTPS only as > of 5 February 2015. We believe this change will provide a more secure, > efficient website for our users. > > The www.ripe.net website has been available over HTTPS for some time > already, and we are now making it HTTPS-only for two reasons: to improve > the website's security, and because we plan to integrate RIPE NCC Access > (our single sign-on system) with www.ripe.net as part of our larger > website redesign project, which requires us to use HTTPS throughout the > site. Some observations spring to mind. 1. www.ripe.net is (as far as I can see - and I could be wrong - please correct me) primarily an information site, that is it provides publically available information to everyone/anyone. Therefore it does not largely transmit anything that needs to be secure and encrypted over SSL. 2. There have been far more security holes in https/TLS/SSL of recent than plain HTTP as far as I can tell. Therefore I would say that https is less secure unless you have sensitive information to transport. If my assertion (1) is correct then it would not seem beneficial to SSL proect www.ripe.net - indeed it may make it less secure. 3. Whilst I agree wholeheartedly that SSO is a good plan, in this case separation of the two different entities (information ie. www.ripe.net and admin ie. LIR portal) seems like a good idea. Of course (3) may break the desire for SSO. Or this may not really matter and no-one may really care. :) Regards, -Paul- -- Paul Civati <paul(at)racksense.com> 0870 321 2855 Rack Sense Ltd - Managed Service Provider - www.racksense.com
- Previous message (by thread): [members-discuss] [address-policy-wg] RIPE NCC Charging Scheme 2016 Discussion
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]