[members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Previous message (by thread): [members-discuss] [address-policy-wg] RIPE NCC Charging Scheme 2016 Discussion
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Paul Civati
paul at racksense.com
Thu Jan 22 16:48:01 CET 2015
(cc members-discuss) Mihnea-Costin Grigore <mgrigore at ripe.net> wrote: > Dear colleagues, > > We plan to make the www.ripe.net website available over HTTPS only as > of 5 February 2015. We believe this change will provide a more secure, > efficient website for our users. > > The www.ripe.net website has been available over HTTPS for some time > already, and we are now making it HTTPS-only for two reasons: to improve > the website's security, and because we plan to integrate RIPE NCC Access > (our single sign-on system) with www.ripe.net as part of our larger > website redesign project, which requires us to use HTTPS throughout the > site. Some observations spring to mind. 1. www.ripe.net is (as far as I can see - and I could be wrong - please correct me) primarily an information site, that is it provides publically available information to everyone/anyone. Therefore it does not largely transmit anything that needs to be secure and encrypted over SSL. 2. There have been far more security holes in https/TLS/SSL of recent than plain HTTP as far as I can tell. Therefore I would say that https is less secure unless you have sensitive information to transport. If my assertion (1) is correct then it would not seem beneficial to SSL proect www.ripe.net - indeed it may make it less secure. 3. Whilst I agree wholeheartedly that SSO is a good plan, in this case separation of the two different entities (information ie. www.ripe.net and admin ie. LIR portal) seems like a good idea. Of course (3) may break the desire for SSO. Or this may not really matter and no-one may really care. :) Regards, -Paul- -- Paul Civati <paul(at)racksense.com> 0870 321 2855 Rack Sense Ltd - Managed Service Provider - www.racksense.com
- Previous message (by thread): [members-discuss] [address-policy-wg] RIPE NCC Charging Scheme 2016 Discussion
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]