W3C home > Mailing lists > Public > whatwg@whatwg.org > October 2014

Re: [whatwg] Passwords

From: Anne van Kesteren <annevk@annevk.nl>
Date: Sat, 18 Oct 2014 21:50:56 +0200
Message-ID: <CADnb78jSm0xGdKhiOsLsWM8WPHsMZ7Ow-LoMDMhAy48ZDVsydg@mail.gmail.com>
To: Roger H├ągensen <rescator@emsai.net>
Cc: WHATWG <whatwg@lists.whatwg.org>
On Sat, Oct 18, 2014 at 7:14 PM, Roger H├ągensen <rescator@emsai.net> wrote:
> This precludes that a site has a certificate, and depite someone like
> StartSSL giving them out free, sites and forums still do not use HTTPS.

We recently started doing this for whatwg.org. It was not a big deal
(though quite a bit of work given the amount of subdomains we have) on
a shared hosting provider. There's a whole bunch of reasons why most
sites ought to switch to using TLS:


I'd be interested in hearing why sites such as forums have not made
the switch yet. If you're hosting passwords it seems downright
irresponsible at this point to not use TLS.

Received on Saturday, 18 October 2014 19:51:20 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 17:00:24 UTC