[Date Prev][Date Next][Thread Prev][Thread Next][Date Index ][Thread Index ]

Re: [Launchpad-users] https ? why?

To: Lukasz Szybalski <szybalski@xxxxxxxxx>
Subject: Re: [Launchpad-users] https ? why?
From: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
Date: Tue, 14 Apr 2009 15:57:34 -0400
Cc: launchpad-users <launchpad-users@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <804e5c70904141216o6aa44021ucf8aeb9bb158fb16@xxxxxxxxxxxxxx> (Lukasz Szybalski's message of "Tue, 14 Apr 2009 14:16:50 -0500")
List-archive: <http://lists.launchpad.net/launchpad-users>
List-help: <https://help.launchpad.net/ListHelp>
List-id: <launchpad-users.lists.launchpad.net>
List-owner: <https://launchpad.net/~launchpad-users>
List-post: <mailto:launchpad-users@lists.launchpad.net>
List-subscribe: <https://launchpad.net/~launchpad-users>
List-unsubscribe: <https://launchpad.net/~launchpad-users>
References: <804e5c70904141216o6aa44021ucf8aeb9bb158fb16@xxxxxxxxxxxxxx>
Reply-to: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux)

Lukasz Szybalski <szybalski@xxxxxxxxx> writes:
> Hello,
> Could you guys elaborate on why every page on launchpad.net is only
> accessible via https?

Security -- that is, protection from impersonation.  We don't want to
send passwords or user-specific cookies over plaintext http://, because
that might make it possible for someone to impersonate a user, change
that user's personal data, or view to data that only that user should
have access to.

Best,
-Karl

Follow-Ups:
- Re: [Launchpad-users] https ? why?
  - From: Monty Taylor

References:
- [Launchpad-users] https ? why?
  - From: Lukasz Szybalski

Prev by Date: [Launchpad-users] https ? why?
Next by Date: Re: [Launchpad-users] https ? why?
Previous by thread: [Launchpad-users] https ? why?
Next by thread: Re: [Launchpad-users] https ? why?
Index(es):
- Date
- Thread

This is the launchpad-users mailing list archive — see also the general help for Launchpad.net mailing lists.

(Formatted by MHonArc.)