[tahoe-dev] [tahoe-lafs] #997: The webapi/WUI should have https enabled by default
tahoe-lafs
trac at allmydata.org
Sat Mar 13 12:16:38 PST 2010
#997: The webapi/WUI should have https enabled by default
----------------------------------------+-----------------------------------
Reporter: jsgf | Owner: nobody
Type: defect | Status: new
Priority: major | Milestone: undecided
Component: unknown | Version: 1.6.0
Keywords: confidentiality wui webapi | Launchpad_bug:
----------------------------------------+-----------------------------------
In the spirit of making the defaults secure, the web interface should have
https enabled by default. Plain http is only secure if you assume users
will always interact with the server over a secure network, but practice
shows that people often connect to remote servers.
This implies that Tahoe should ship with some certificates. These can be
any dummy self-signed certs, since we just need secure key negotiation.
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/997>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list