PDA

View Full Version : SSL when?



sidd2
30th August 2012, 12:55 PM
Would SSL be implemented for Fedora Forums?

stevea
30th August 2012, 01:03 PM
Nevermind - you mean for this forum.

jpollard
30th August 2012, 01:15 PM
I suspect the op is asking about https to the fedora forums...

GallComp
31st August 2012, 01:15 PM
Would SSL be implemented for Fedora Forums?

At this moment there are no plans to implement Secure Sockets Layer protocol for the site, but you are welcome to explain the added benefits our community may experience if such protocol gets implemented.

roelj
31st August 2012, 01:52 PM
At this moment there are no plans to implement Secure Sockets Layer protocol for the site, but you are welcome to explain the added benefits our community may experience if such protocol gets implemented.

Well, my password would be encrypted when sending the log in form.. :)

Dutchy
31st August 2012, 07:01 PM
Apparently fedoraforum.org doesn't care too much about security?
Makes me wonder if they even encrypt the passwords in the database, let alone salt it.
Of course this is just a forum, the gain isn't very high (not much developers here, mostly users) and it will probably cost them some money (it is hosted separately from the other fedora stuff if I am correct), but I still think that credentials should be handled in a secure manner as much as possible.

roelj
31st August 2012, 09:34 PM
I think it's the default for vBulletin forums (to encrypt and salt the passwords). So I think it's stored securely.

sidd2
19th September 2012, 01:43 PM
Of course this is just a forum, the gain isn't very high

There's always something to gain. How many are using the same email for ebay? Maybe the password is about the same. Maybe something else.

Dan
19th September 2012, 02:20 PM
The forum default is what we are using, and that's the way it's going to stay for a while. In the meantime, I strongly suggest you follow standards of good practices and use different and strong passwords for other and different purposes whilst on line. Re-using passwords in various venues on line is an open invitation to disaster.

sidd2
19th September 2012, 02:46 PM
Dan, are you talking to me?

Dan
19th September 2012, 02:52 PM
My advice is to both you and everyone else. <..;)..> Seriously, folks. This is a software support forum. This isn't exactly critical stuff. Whereas I do recommend using a strong password here, I absolutely do not advise re-using passwords. Especially those which may be performing more important duties elsewhere. Such as email.

sidd2
19th September 2012, 03:03 PM
How about establishing identities and times when one's online?
Anyway, guess that advice stands better on the login / register page written in big bold red letters. Here's more likely to be overlooked.

Dan
19th September 2012, 04:19 PM
... Anyway, guess that advice stands better on the login / register page written in big bold red letters. Here's more likely to be overlooked. At some point, the computer owner/user/web surfer is responsible to handle their own affairs in a manner to be determined by themselves. Including the consequences of their own decisions. If they have made it here without the rudimentary knowledge of such things as common sense, it is not our job to take them by the hand and educate them in the basics. For that, there are close friends and family members. Barring those there are elementary/secondary school classes and computer user group sponsored free classes. Barring those, there are adult education college courses available for a fee. And, of course, should the cost of those be prohibitive, the web certainly doesn't lack in such freely supplied materials available within the easy reach of a normal search engine such as Google, Yahoo, dogpile, Duckduckgo, and at the very bottom of the proverbial barrel ... Bing.

Barring any of those selections, I am quite sure there are any number of qualified experts here on the forum who would be very happy to privately tutor groups and individuals. As we are not a commercial operation and do not allow commercial discussions/spam, I'll leave it up to you to advise anyone you know who may have such a need to privately select one (if needed) and privately negotiate the appropriate fee structure and payment plan. (Including a handling fee, of course. <..;)..> )

In the meantime (and in local vernacular), "Things jes' be whut dey iz!"


<..:)..>

sidd2
19th September 2012, 04:28 PM
Meaning you've just nullified your previous answer. Online stupidity is making me tired. Why is so complicated to point out you just don't care or you don't have the qualified people to set up something more complicated?

Why do people have to act like corporations? Soooo many experts, but you don't have the budget, right?


At some point, the computer owner/user/web surfer is responsible to handle their own affairs in a manner to be determined by themselves. Including the consequences of their own decisions. If they have made it here without the rudimentary knowledge of such things as common sense, it is not our job to take them by the hand and educate them in the basics. For that, there are close friends and family members. Barring those there are elementary/secondary school classes and computer user group sponsored free classes. Barring those, there are adult education college courses available for a fee. And, of course, should the cost of those be prohibitive, the web certainly doesn't lack in such freely supplied materials available within the easy reach of a normal search engine such as Google, Yahoo, dogpile, Duckduckgo, and at the very bottom of the proverbial barrel ... Bing.

Barring any of those selections, I am quite sure there are any number of qualified experts here on the forum who would be very happy to privately tutor groups and individuals. As we are not a commercial operation and do not allow commercial discussions/spam, I'll leave it up to you to advise anyone you know who may have such a need to privately select one (if needed) and privately negotiate the appropriate fee structure and payment plan.

In the meantime (and in local vernacular), "Things jes' be whut dey iz!"


<..;)..>

Dan
19th September 2012, 04:44 PM
Meaning you've just nullified your previous answer. Online stupidity is making me tired. Why is so complicated to point out you just don't care or you don't have the qualified people to set up something more complicated?

Why do people have to act like corporations? Soooo many experts, but you don't have the budget, right?
<..:blink:..>

Uhm ... as a matter of fact ... no.

Bottom line: We're all volunteers here. You, me, the entire staff, forum browsers, posters, readers etc.

So ... I guess you might say nobody is therefore qualified. And, naturally, such an assessment made on that basis would of course include me. Wouldn't be the first time I got stuck with a job for which I wasn't qualified. <..:rolleyes:..>

But, to quote my local Police Chief, "If you think these guys are bad, you should see the ones we didn't hire." <..:D..>

That being said, back before I killed off my last remaining functional braincell, I sat drooling in the corner whilst some good but barely qualified folks taped together the following pages, which I strongly suggest you read ... and heed. <..:)..>

http://www.fedoraforum.org/?view=guide
http://forums.fedoraforum.org/forumdisplay.php?f=61
http://forums.fedoraforum.org/faq.php?faq=vb3_board_faq#faq_vb3_board_usage

<..http://www.zyloo-enterprises.com/graphics/smileys/smirk.png..>

bob
19th September 2012, 04:46 PM
Sidd2, talk about stupidity? You've just insulted the Senior Admin of the Forum, which isn't very bright if you intend to remain a member. Might want to read the Posting Rules, specifically Rule #1.

Whether there's money involved, skill involved or it's just not a priority is none of your business. You've asked, it's been answered - drop it.

Dan
19th September 2012, 05:00 PM
Thanks, Bob. Appreciate the help. <..:thumb:..>

After a few moments thought, it seems to me that the best course of action is to close this now. He's got his answers, even if they're ones he doesn't particularly like. And ... methinks it would thus be safer for all concerned to terminate the exchange here and now. ... Before I have to go fetch my hat.

Thread closed.