[members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Previous message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Shahin Gharghi
ripe at rased.ir
Thu Jan 22 17:24:13 CET 2015
Dear colleagues I agree with Paul and we have a problem with HTTPS in Iran. That's too slow here. But because of this: " because we plan to integrate RIPE NCC Access" They have to switch into HTTPS. On Thu, Jan 22, 2015 at 7:18 PM, Paul Civati <paul at racksense.com> wrote: > (cc members-discuss) > > Mihnea-Costin Grigore <mgrigore at ripe.net> wrote: > > > Dear colleagues, > > > > We plan to make the www.ripe.net website available over HTTPS only as > > of 5 February 2015. We believe this change will provide a more secure, > > efficient website for our users. > > > > The www.ripe.net website has been available over HTTPS for some time > > already, and we are now making it HTTPS-only for two reasons: to improve > > the website's security, and because we plan to integrate RIPE NCC Access > > (our single sign-on system) with www.ripe.net as part of our larger > > website redesign project, which requires us to use HTTPS throughout the > > site. > > Some observations spring to mind. > > 1. www.ripe.net is (as far as I can see - and I could be wrong - please > correct me) primarily an information site, that is it provides publically > available information to everyone/anyone. Therefore it does not largely > transmit anything that needs to be secure and encrypted over SSL. > > 2. There have been far more security holes in https/TLS/SSL of recent > than plain HTTP as far as I can tell. Therefore I would say that https > is less secure unless you have sensitive information to transport. > If my assertion (1) is correct then it would not seem beneficial > to SSL proect www.ripe.net - indeed it may make it less secure. > > 3. Whilst I agree wholeheartedly that SSO is a good plan, in this > case separation of the two different entities (information ie. > www.ripe.net and admin ie. LIR portal) seems like a good idea. > > Of course (3) may break the desire for SSO. > > Or this may not really matter and no-one may really care. :) > > Regards, > > -Paul- > > -- > Paul Civati <paul(at)racksense.com> 0870 321 2855 > Rack Sense Ltd - Managed Service Provider - www.racksense.com > > ---- > If you don't want to receive emails from the RIPE NCC members-discuss > mailing list, please log in to your LIR Portal account and go to the > general page: > https://lirportal.ripe.net/general/ > > Click on "Edit my LIR details", under "Subscribed Mailing Lists". From > here, you can add or remove addresses. > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/members-discuss/attachments/20150122/fe38a80d/attachment.html>
- Previous message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Next message (by thread): [members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]