[members-discuss] [ncc-announce] [news] RIPE NCC website becoming HTTPS-only

Hi:

Ripe website are quite slow in some remote areas,  I had quite bad experience of loading time in some area of Africa, Asian, and Middle East.

But as not sure if it has to do with any specific technology or just a general routing issue.

Lu

> On 2015年1月22日, at 下午5:24, Shahin Gharghi <ripe at rased.ir> wrote:
> 
> Dear colleagues
> 
> I agree with Paul and we have a problem with HTTPS in Iran. 
> That's too slow here.
> But because of this: " because we plan to integrate RIPE NCC Access" They have to switch into HTTPS.
> 
>> On Thu, Jan 22, 2015 at 7:18 PM, Paul Civati <paul at racksense.com> wrote:
>> (cc members-discuss)
>> 
>> Mihnea-Costin Grigore <mgrigore at ripe.net> wrote:
>> 
>> > Dear colleagues,
>> >
>> > We plan to make the www.ripe.net website available over HTTPS only as
>> > of 5 February 2015. We believe this change will provide a more secure,
>> > efficient website for our users.
>> >
>> > The www.ripe.net website has been available over HTTPS for some time
>> > already, and we are now making it HTTPS-only for two reasons: to improve
>> > the website's security, and because we plan to integrate RIPE NCC Access
>> > (our single sign-on system) with www.ripe.net as part of our larger
>> > website redesign project, which requires us to use HTTPS throughout the
>> > site.
>> 
>> Some observations spring to mind.
>> 
>> 1. www.ripe.net is (as far as I can see - and I could be wrong - please
>> correct me) primarily an information site, that is it provides publically
>> available information to everyone/anyone.  Therefore it does not largely
>> transmit anything that needs to be secure and encrypted over SSL.
>> 
>> 2. There have been far more security holes in https/TLS/SSL of recent
>> than plain HTTP as far as I can tell.  Therefore I would say that https
>> is less secure unless you have sensitive information to transport.
>> If my assertion (1) is correct then it would not seem beneficial
>> to SSL proect www.ripe.net - indeed it may make it less secure.
>> 
>> 3. Whilst I agree wholeheartedly that SSO is a good plan, in this
>> case separation of the two different entities (information ie.
>> www.ripe.net and admin ie. LIR portal) seems like a good idea.
>> 
>> Of course (3) may break the desire for SSO.
>> 
>> Or this may not really matter and no-one may really care. :)
>> 
>> Regards,
>> 
>> -Paul-
>> 
>> --
>> Paul Civati <paul(at)racksense.com> 0870 321 2855
>> Rack Sense Ltd - Managed Service Provider - www.racksense.com
>> 
>> ----
>> If you don't want to receive emails from the RIPE NCC members-discuss
>> mailing list, please log in to your LIR Portal account and go to the general page:
>> https://lirportal.ripe.net/general/
>> 
>> Click on "Edit my LIR details", under "Subscribed Mailing Lists". From here, you can add or remove addresses.
> 
> ----
> If you don't want to receive emails from the RIPE NCC members-discuss
> mailing list, please log in to your LIR Portal account and go to the general page:
> https://lirportal.ripe.net/general/
> 
> Click on "Edit my LIR details", under "Subscribed Mailing Lists". From here, you can add or remove addresses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.ripe.net/ripe/mail/archives/members-discuss/attachments/20150122/22dc00db/attachment.html>