Re: HTTPS access to Bugzilla?

From: Luis Villa <louie ximian com>
To: Derek Atkins <warlord MIT EDU>
Cc: bugsquad <gnome-bugsquad gnome org>
Subject: Re: HTTPS access to Bugzilla?
Date: 21 Jul 2002 11:39:59 -0400

On Sun, 2002-07-21 at 11:30, Derek Atkins wrote:
> Luis Villa <louie ximian com> writes:
> 
> > I'm afraid I really don't understand what this additional administrative
> > overhead for us buys anyone, including you.
> > Luis
> 
> It means my bug-tracking (and system login) can't be eavesdropped by
> others on the same network as I am, such as when I'm working from
> a conference network where I _know_ people are 'tcpdump'ing the
> complete network traffic.

And this is information they can't get from simply querying bugzilla
and/or using other vulnerabilities to get at your password how[1]?
You're being (IMHO) overly paranoid about something that just isn't that
important.

> I don't see how setting up https is much administrative overhead.  You
> only need to set it up once then never touch it again.

Because setting it up once is > 0, which is about how much time the
admins have.

Luis

[1]Not to mention basically anyone who wants to can get the same
permissions you have just for the asking, which makes getting your
password a little pointless, unless for some godforsaken reason they'd
want to impersonate you on bugzilla.

Follow-Ups:
- Re: HTTPS access to Bugzilla?
  - From: Derek Atkins

References:
- HTTPS access to Bugzilla?
  - From: Derek Atkins
- Re: HTTPS access to Bugzilla?
  - From: Luis Villa
- Re: HTTPS access to Bugzilla?
  - From: Derek Atkins
- Re: HTTPS access to Bugzilla?
  - From: Luis Villa
- Re: HTTPS access to Bugzilla?
  - From: Derek Atkins

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]