[OSM-dev] SSL-Certificate for osm.org
Oleksiy Muzalyev
oleksiy.muzalyev at bluewin.ch
Mon Mar 21 08:39:57 UTC 2016
On 21/03/16 08:06, Tom Hughes wrote:
> On 21/03/16 06:16, André Riedel wrote:
>
>> We've got a bug report at the Chemnitzer Linux-Tage. osm.org should be
>> added as alternative name in the openstreetmap.org certificate. This
>> is important for the link shortener.
>>
>> https://osm.org/go/0MIaEuZzQ-?m=
>
> Do we actually generate that name anywhere? or have you just assumed
> that you can change it to https?
>
> Tom
>
The same here, the SSL works correctly for www.openstreetmap.org , and
it does not work for www.osm.org
It is well known that SSL encrypts a web-page content, but it is less
understood that the SSL also encrypts the URL itself (except the domain
name). So with SSL (https://) people who monitor a LAN can see that
openstreetmap.org (or osm.org) were visited, but it is not possible to
see what part of the map was looked at, as anything after .org is
encrypted. I read about it and probably tested it with network analyzer
https://www.wireshark.org/
But SSL adds some additional load to web-servers. So if one just looks
at the map in general there is no sense to use https://, but if planning
a trip in a risky environment, for example for humanitarian workers, it
would be safer to use SSL.
brgds
Oleksiy
More information about the dev
mailing list