MozillaZine

MozillaZine's HTTPS Support

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:D :) :( :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :wink: :!: :?: :idea: :arrow: :| :mrgreen: =D> #-o :^o [-X [-o< 8-[ [-( :-k ](*,) :-"
View more smilies
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Topic review
   

Expand view Topic review: MozillaZine's HTTPS Support

Re: MozillaZine's HTTPS Support

Post by LoudNoise » July 31st, 2015, 11:21 pm

Out of admittedly vague curiosity, do you have any other hobbies?

Re: MozillaZine's HTTPS Support

Post by gaomeo » July 31st, 2015, 10:24 pm

That is quite a hidden, insider or old timer knowledge. I would expect to find such information in the http://www.mozillazine.org/about/ page but it provided bare minimal information. It would seem like "busy" is rather correct, the stamp "© 1998-2009" or "© 1998-2014" inconsistency showed it.

I decided to check out the Open Source Lab at Oregon State University. One page is greeted with an database error, the other I found rather weird. Most University/College website default to HTTPS if not have it available to use manually if you type it in. Oregon does not, perhaps getting HTTPS on their website would be the first step to getting it on Mozillazine.

Re: MozillaZine's HTTPS Support

Post by James » July 31st, 2015, 1:38 pm

rsx11m wrote:"Mozillazine's administration" is unfortunately right now a single person who has a busy life and keeps the server up and running as part of his free time.

The individual being Jason Kersey who has been working high up on the competing Google Chrome browser for a while now. Despite that he has been generous in keeping the mZ forum up and running as is since. The forum is hosted at osuosl.org though the site is down at moment.

Re: MozillaZine's HTTPS Support

Post by barbaz » July 31st, 2015, 10:12 am

It's not just about protection, at least it won't be sometime in the future: https://forums.informaction.com/viewtopic.php?f=18&t=20869
(I think that's fairly far future, so not urgent atm...)

Re: MozillaZine's HTTPS Support

Post by rsx11m » July 31st, 2015, 8:59 am

"Mozillazine's administration" is unfortunately right now a single person who has a busy life and keeps the server up and running as part of his free time. I didn't know about the Linux Foundation and others starting a non-profit alternative to the commercial CAs, so that's definitely a good move in general, but still leaves the effort of configuring and maintaining it on the individual server's site (including taking care of certificate renewals and possible revocations).

The most important arguments in favor of connection encryption to websites like ours are protection from spoofing and eavesdropping on users' credentials. Personally I've been aware of only a handful of possible account hijacking cases and no case of reported spoofing, thus it may not be a huge problem (though I see how this could be easily done across open connections like public WiFi). Browsing through the international Mozilla forums, Geckozone in France has encryption whereas MozillaES and MozillaZine.jp don't. So it's still a mixed bag.

Re: MozillaZine's HTTPS Support

Post by gaomeo » July 31st, 2015, 12:41 am

That would be too bad. Considering is there much of a cost issue nor difficulties. Is there anyway to persuade Mozillazine's administration to support it?

Personally I like to get whatever privacy I can get even if it limited. Considering Firefox is one of the browser that can boast that feature (at least it did in the past), I expect Mozilla's community would be in favor of that.

As for more persuasive reason of why adding or switching to HTTPS, I suppose it better to use voice of people that is more persuasive.

"Increase in Google search ranking": googlewebmastercentral.blogspot.com.au/2014/08/https-as-ranking-signal.html
This might be true for other search indexer too.

"Help protect against session hijacking" snopes.com/computer/internet/https.asp
An issue when using Wi-fi

"Defeat phishing/spoofing site", mashable.com/2011/05/31/https-web-security/

There is a FAQ on EFF's HTTPS Everywhere that provide more info; eff.org/https-everywhere/faq/

Re: MozillaZine's HTTPS Support

Post by LoudNoise » July 30th, 2015, 12:21 am

Considering that this is support forum that has nothing that should be protected I would suspect not.

MozillaZine's HTTPS Support

Post by gaomeo » July 30th, 2015, 12:09 am

Will MozillaZine consider adding HTTPS support in the future? EFF's Let'sEncrypt will be open next months, and I think certain website can get it earlier.

For more detail see: https://letsencrypt.org/

Top