Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

SSL in Debian Forums

Code of conduct, suggestions, and information on forums.debian.net.
Message
Author
User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: SSL in Debian Forums

#21 Post by GarryRicketson »

Well I am glad it is not SSL, Just now experiementing with a freshly installed NETBSD system, and it said I don't have the ssl certificates setup, or configured, if it was "https" I would not be able to connect.
Making it https could make it difficult for some people to connect, expecially for those with problems in a newly installed system and they might not have some of those things configured yet.
I can see where https is needed on some sites, especially like banking sites, or sites where the information being exchanged must be kept confidentual , but I don't think it is needed here and it could very well be a hinderance.

kedaha
Posts: 3521
Joined: 2008-05-24 12:26
Has thanked: 33 times
Been thanked: 77 times

Re: SSL in Debian Forums

#22 Post by kedaha »

levlaz wrote:Once this is live we should just use it. It costs nothing and works in any browser.

https://letsencrypt.org/
I've just obtained a free certificate for one of my domains for a raspberry pi server running raspbian-jessie based on Debian Jessie, using letsencrypt and it was a breeze & works just fine.
DebianStable

Code: Select all

$ vrms

No non-free or contrib packages installed on debian!  rms would be proud.

User avatar
squeeze
Posts: 299
Joined: 2010-06-14 23:16
Location: thimbleweedpark

Re: SSL in Debian Forums

#23 Post by squeeze »

wizard10000 wrote:forums.debian.net isn't an official Debian resource.
Whois says otherwise:
Registrant Organization: Software in the Public Interest, Inc. - Debian Project
“Have you tried turning it off and on again?”

User avatar
4D696B65
Site admin
Site admin
Posts: 2696
Joined: 2009-06-28 06:09
Been thanked: 85 times

Re: SSL in Debian Forums

#24 Post by 4D696B65 »

The only reason I see in support of SSL on this forum is protection of passwords.
I as a forum admin have no power or tools to implement SSL.
If you feel strongly about this, you should pm the server admins, Mez and Ganneff.

User avatar
squeeze
Posts: 299
Joined: 2010-06-14 23:16
Location: thimbleweedpark

Re: SSL in Debian Forums

#25 Post by squeeze »

4D696B65 wrote:If you feel strongly about this, you should pm the server admins, Mez and Ganneff.
Thanks for the reply. I pm'd the admins.
“Have you tried turning it off and on again?”

alderaan
Posts: 90
Joined: 2013-07-25 20:20

Re: SSL in Debian Forums

#26 Post by alderaan »

squeeze wrote:
wizard10000 wrote:forums.debian.net isn't an official Debian resource.
Whois says otherwise:
Registrant Organization: Software in the Public Interest, Inc. - Debian Project
I can't find an official statement for this but debian.net is for projects that are not official (such as this site). When a project becomes official it is moved to debian.org.

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: SSL in Debian Forums

#27 Post by GarryRicketson »

I don't know what it matters if it is "official" or not, it exists for users to get help and support,and functions, and so it is real.
Debian.org lists the forum as source for support.
https://www.debian.org/support#web
Web sites
Forums

debianHELP and Debian User Forums are web portals on which you can discuss Debian-related topics, submit questions about Debian, and have them answered by other users.

jesus92gz
Posts: 121
Joined: 2015-02-06 18:07

Re: SSL in Debian Forums

#28 Post by jesus92gz »

I understand that in order to use SSL, the server should need extra-power, as more CPU and memory would be required. I think it's worth, though.

Anyways, Let's encrypt is now issuing free/gratis SSL certificates, and I would consider this option: https://letsencrypt.org/

eg: FreeBSD forums are encrypted (though it's the official one). https://forums.freebsd.org/

lukas
Posts: 87
Joined: 2011-07-30 15:43

Re: SSL in Debian Forums

#29 Post by lukas »

jesus92gz wrote:I understand that in order to use SSL, the server should need extra-power, as more CPU and memory would be required. I think it's worth, though.

Anyways, Let's encrypt is now issuing free/gratis SSL certificates, and I would consider this option: https://letsencrypt.org/

eg: FreeBSD forums are encrypted (though it's the official one). https://forums.freebsd.org/
All that is fine. Truth to be told: The forum is pretty abandoned, when it comes to administration.
It is pointless to ask here for enhancements.
You can try your luck here:
http://forums.debian.net/viewtopic.php?f=11&t=47049

johnw
Posts: 6
Joined: 2014-06-05 05:05

Re: SSL in Debian Forums

#30 Post by johnw »

Yes, support https please ...
At least for login / password, thank.

Or no admin/root here?

compute34ymk
Posts: 6
Joined: 2016-05-19 07:55

Re: SSL in Debian Forums

#31 Post by compute34ymk »

I upvote using SSL on the forums.
IT MAKES SENSE
Any website which you enter informaiton such as passwords should be secure.

More and more websites are using it. Even yahoo.
The most recent website that could have any relevance here being linux mint.

They were hacked recently, their .iso images and forums. At this time 0% of their website used https.
Now the linux mint forums and site uses https. The blog is the only part that doesn't.

Changes to password policies
http://blog.linuxmint.com/?p=3007
All forums users should change their passwords.
Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

Post Reply