[Tracker-discuss] [issue518] Plaintext connections when logging in
Ronald Oussoren
metatracker at psf.upfronthosting.co.za
Fri Jun 28 09:17:37 CEST 2013
New submission from Ronald Oussoren:
All communication with bugs.python.org is over plain HTTP, not HTTPS. This includes user authentication. This means it is unsafe to log in from an untrusted network when your using a username/password to log in. I don't know enough of OpenID to know if that's safer to use.
A possible solution to this problem is to HTTPS-enable the bug reporter (as was done for PyPI)
----------
messages: 2735
nosy: ronaldoussoren
priority: wish
status: unread
title: Plaintext connections when logging in
_______________________________________________________
PSF Meta Tracker <metatracker at psf.upfronthosting.co.za>
<http://psf.upfronthosting.co.za/roundup/meta/issue518>
_______________________________________________________
More information about the Tracker-discuss
mailing list