On Mon, 2002-07-22 at 07:27, Gregory Leblanc wrote: > Setting it up isn't the hard part. We haven't got the spare horsepower > to devote to SSL/TLS at the moment. Securing bugzilla is a lot more > demanding, and lower on my list of priorities than securing CVS, and > that hasn't even gotten done yet. Sorry, but for the time being, > there's no HTTPS access to bugzilla. If you're concerned that it will > fall off of our list of things to do, feel free to file a bug against it > in bugzilla. > Greg > (the bad cop who does loads of the gnome.org server work) > Some people like to use SSL/TLS for the sake of it, IRC over SSL, Jabber over SSL... (I do run my pop3 over SSL but thats not bad, shush =)). I dont think that https would bring any real benefits, afterall, if i remember rightly when you login Bugzilla does a GET request with your password so anyone looking over your shoulder can see that. I use the Debian BTS more than I use Bugzillas, and as you probably know there is *no* authentication. We often have our bug reports being closed by spam from bots who have spidered the site. Anyway, cheers. -- Rob 'robster' Bradford Founder: http://www.debianplanet.org/ Developer: http://www.debian.org/ Monkey with keyboard: http://www.robster.org.uk/
Attachment:
signature.asc
Description: This is a digitally signed message part