Message 190834 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	dstufft
Recipients	Arfrever, Giovanni.Bajo, alexis, barry, benjamin.peterson, christian.heimes, devin, dstufft, eric.araujo, fdrake, georg.brandl, jwilk, larry, loewis, pitrou, richard, skrah, tarek, techtonik
Date	2013-06-08.22:28:41
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1370730521.36.0.23914109908.issue12226@psf.upfronthosting.co.za>
In-reply-to

Content
Uploading always hits the backend servers and thus has the same logging as before Merely switching to HTTPS only provides protections against passive attacks. You need verification to protect against active attacks (which are simple and easy to do as well). Like I said, not a bad move and I'd be in agreement on doing it but if the powers that be decide it's too big of a change it's not going to massively decrease the security.

Uploading always hits the backend servers and thus has the same logging as before

Merely switching to HTTPS only provides protections against passive attacks. You need verification to protect against active attacks (which are simple and easy to do as well). Like I said, not a bad move and I'd be in agreement on doing it but if the powers that be decide it's too big of a change it's not going to massively decrease the security.

History
Date	User	Action	Args
2013-06-08 22:28:41	dstufft	set	recipients: + dstufft, loewis, fdrake, barry, richard, georg.brandl, pitrou, larry, techtonik, christian.heimes, benjamin.peterson, tarek, jwilk, eric.araujo, Arfrever, skrah, alexis, devin, Giovanni.Bajo
2013-06-08 22:28:41	dstufft	set	messageid: <1370730521.36.0.23914109908.issue12226@psf.upfronthosting.co.za>
2013-06-08 22:28:41	dstufft	link	issue12226 messages
2013-06-08 22:28:41	dstufft	create