Force https for imfreedom.org website?

• Next message: Force https for imfreedom.org website?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

How do people feel about redirecting from http to https for all URLs on
imfreedom.org?

My reasons for wanting to do this are:
- Secure interactions with the protocol documentation wiki to prevent
password stealing and session hijacking.
- Reduce the chances of a MITM sending altered content to a user.  This is
extremely unlikely, because who in their right mind would want to mess with
this content...?  I mean, who cares?

Downsides:
- We'll have to keep buying SSL certs.
- Little bit slower to load, especially for users with high latency to our
server, (TLS negotiation requires  more round trips).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/discussion/attachments/20130401/6e791a9f/attachment.html>

• Next message: Force https for imfreedom.org website?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]