← Back to team overview

launchpad-users team mailing list archive

Re: https ? why?

 

John <jpyper@xxxxxxxxx> writes:
> I can agree the launchpad.net should have http. At the same time, it
> should also have https. Here's my example:
>
> Say Mr. Opensource comes to the site to browse bug reports to see if
> there is a workaround or a fix for a problem he is having, or is just
> browsing the site in general to see what it has to offer. This action
> do not need https.
>
> Now if Mr. Opensource has a project on the site or wants to be a
> member of a team of some sort to colaborate on things, then logging
> into the site and doing project related functions are good to have
> secure in https.
>
> I'm sure there are other things that can be added to both sides of the
> fence, and hashing ideas out here is a good place to get your voice
> heard.

True -- in an ideal world, we'd support both, using http:// for anything
where identity doesn't matter.

Unfortunately, it's tricky to actually do that right, and there are many
other features we're working on too.  So it's https:// for now, just
because that's the "safe" option that was implementable immediately.

(On the other hand... http://dev.launchpad.net/OpenSourcing...)



References