[tahoe-lafs-trac-stream] [tahoe-lafs] #2142: How to enhance WebUI default security against capability eavesdropping?
tahoe-lafs
trac at tahoe-lafs.org
Thu Dec 26 21:13:20 UTC 2013
#2142: How to enhance WebUI default security against capability eavesdropping?
-------------------------+-------------------------------------------------
Reporter: | Owner:
amontero | Status: new
Type: | Milestone: undecided
enhancement | Version: 1.10.0
Priority: normal | Keywords: websec confidentiality privacy wui
Component: code- | webapi docs
frontend-web |
Resolution: |
Launchpad Bug: |
-------------------------+-------------------------------------------------
Changes (by daira):
* keywords: websec confidentiality privacy wui => websec confidentiality
privacy wui webapi docs
Comment:
{{{private/node.pem}}} is only used for foolscap connections (see
[source:docs/configuration.rst#other-files-in-basedir]). The setting to
use for {{{[node]web.port}}} to run the web-API over SSL is mentioned in
[source:docs/frontends/webapi.rst#enabling-the-web-api-port], but not very
prominently:
{{{
Using "ssl:3456:privateKey=mykey.pem:certKey=cert.pem" runs an SSL server.
}}}
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2142#comment:4>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list