SSL when?

[sidd2]

Would SSL be implemented for Fedora Forums?

[stevea]

Nevermind - you mean for this forum.

[jpollard]

I suspect the op is asking about https to the fedora forums...

[GallComp]

Quote:

Originally Posted by sidd2

Would SSL be implemented for Fedora Forums?

At this moment there are no plans to implement Secure Sockets Layer protocol for the site, but you are welcome to explain the added benefits our community may experience if such protocol gets implemented.

[roelj]

Quote:

Originally Posted by GallComp

At this moment there are no plans to implement Secure Sockets Layer protocol for the site, but you are welcome to explain the added benefits our community may experience if such protocol gets implemented.

Well, my password would be encrypted when sending the log in form..

[Dutchy]

Apparently fedoraforum.org doesn't care too much about security?
Makes me wonder if they even encrypt the passwords in the database, let alone salt it.
Of course this is just a forum, the gain isn't very high (not much developers here, mostly users) and it will probably cost them some money (it is hosted separately from the other fedora stuff if I am correct), but I still think that credentials should be handled in a secure manner as much as possible.

[roelj]

I think it's the default for vBulletin forums (to encrypt and salt the passwords). So I think it's stored securely.

[sidd2]

Quote:

Originally Posted by Dutchy

Of course this is just a forum, the gain isn't very high

There's always something to gain. How many are using the same email for ebay? Maybe the password is about the same. Maybe something else.

[Dan]

The forum default is what we are using, and that's the way it's going to stay for a while. In the meantime, I strongly suggest you follow standards of good practices and use different and strong passwords for other and different purposes whilst on line. Re-using passwords in various venues on line is an open invitation to disaster.

[sidd2]

Dan, are you talking to me?

[Dan]

My advice is to both you and everyone else. <....> Seriously, folks. This is a software support forum. This isn't exactly critical stuff. Whereas I do recommend using a strong password here, I absolutely do not advise re-using passwords. Especially those which may be performing more important duties elsewhere. Such as email.

[sidd2]

How about establishing identities and times when one's online?
Anyway, guess that advice stands better on the login / register page written in big bold red letters. Here's more likely to be overlooked.

[Dan]

Quote:

Originally Posted by sidd2

... Anyway, guess that advice stands better on the login / register page written in big bold red letters. Here's more likely to be overlooked.

At some point, the computer owner/user/web surfer is responsible to handle their own affairs in a manner to be determined by themselves. Including the consequences of their own decisions. If they have made it here without the rudimentary knowledge of such things as common sense, it is not our job to take them by the hand and educate them in the basics. For that, there are close friends and family members. Barring those there are elementary/secondary school classes and computer user group sponsored free classes. Barring those, there are adult education college courses available for a fee. And, of course, should the cost of those be prohibitive, the web certainly doesn't lack in such freely supplied materials available within the easy reach of a normal search engine such as Google, Yahoo, dogpile, Duckduckgo, and at the very bottom of the proverbial barrel ... Bing.

Barring any of those selections, I am quite sure there are any number of qualified experts here on the forum who would be very happy to privately tutor groups and individuals. As we are not a commercial operation and do not allow commercial discussions/spam, I'll leave it up to you to advise anyone you know who may have such a need to privately select one (if needed) and privately negotiate the appropriate fee structure and payment plan. (Including a handling fee, of course. <....> )

In the meantime (and in local vernacular), "Things jes' be whut dey iz!"


<....>

[sidd2]

Meaning you've just nullified your previous answer. Online stupidity is making me tired. Why is so complicated to point out you just don't care or you don't have the qualified people to set up something more complicated?

Why do people have to act like corporations? Soooo many experts, but you don't have the budget, right?

Quote:

Originally Posted by Dan

At some point, the computer owner/user/web surfer is responsible to handle their own affairs in a manner to be determined by themselves. Including the consequences of their own decisions. If they have made it here without the rudimentary knowledge of such things as common sense, it is not our job to take them by the hand and educate them in the basics. For that, there are close friends and family members. Barring those there are elementary/secondary school classes and computer user group sponsored free classes. Barring those, there are adult education college courses available for a fee. And, of course, should the cost of those be prohibitive, the web certainly doesn't lack in such freely supplied materials available within the easy reach of a normal search engine such as Google, Yahoo, dogpile, Duckduckgo, and at the very bottom of the proverbial barrel ... Bing.

Barring any of those selections, I am quite sure there are any number of qualified experts here on the forum who would be very happy to privately tutor groups and individuals. As we are not a commercial operation and do not allow commercial discussions/spam, I'll leave it up to you to advise anyone you know who may have such a need to privately select one (if needed) and privately negotiate the appropriate fee structure and payment plan.

In the meantime (and in local vernacular), "Things jes' be whut dey iz!"


<....>

[Dan]

Quote:

Originally Posted by sidd2

Meaning you've just nullified your previous answer. Online stupidity is making me tired. Why is so complicated to point out you just don't care or you don't have the qualified people to set up something more complicated?

Why do people have to act like corporations? Soooo many experts, but you don't have the budget, right?

<....>

Uhm ... as a matter of fact ... no.

Bottom line: We're all volunteers here. You, me, the entire staff, forum browsers, posters, readers etc.

So ... I guess you might say nobody is therefore qualified. And, naturally, such an assessment made on that basis would of course include me. Wouldn't be the first time I got stuck with a job for which I wasn't qualified. <....>

But, to quote my local Police Chief, "If you think these guys are bad, you should see the ones we didn't hire." <....>

That being said, back before I killed off my last remaining functional braincell, I sat drooling in the corner whilst some good but barely qualified folks taped together the following pages, which I strongly suggest you read ... and heed. <....>

http://www.fedoraforum.org/?view=guide
http://forums.fedoraforum.org/forumdisplay.php?f=61
http://forums.fedoraforum.org/faq.ph...b3_board_usage

<....>