[Kolab-devel] http without s access to issues.kolab.org (bugzilla)
Bernhard Reiter
bernhard at intevation.de
Fri Dec 2 15:45:26 CET 2011
Am Friday, 2. December 2011 15:27:30 schrieb Christoph Wickert:
> I have seen this in some organizations but IHMO this is a problem of their
> firewalls rather than of our bugzilla.
Sure it is, but also we also want to lower the barrier
for anyone contributing. And a too high barrier is our problem not theirs.
> Please note that we have single sign for our employees and partners (this
> includes your account)
Good to know, I probably knew and forgot. This clearly speaks in favour
of forcing https for the login.
I personally would use https whenever I log in.
Maybe I even use a different account, because a public facing perl system like
bugzilla will not have the security level like a production email account
on the administration side. So for me the single sign on here is not
necessary.
Again, the case for just looking at issues should not require https.
Other concious users should have the option to not use their high value
password over http only. Ideally we also pay the common-ca-tax one day.
Bernhard
--
Managing Director + Owner: www.Intevation.net <- A Free Software Company
Kolabsys.com: Board Member FSFE.org: Founding GA Member
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/devel/attachments/20111202/6d7e6b2e/attachment.sig>
More information about the devel
mailing list