[OSM-talk] HTTPS on overpass-api.de
Cristian Consonni
kikkocristian at gmail.com
Fri Mar 27 18:51:43 UTC 2015
Hi,
2015-03-27 6:51 GMT+01:00 Roland Olbricht <roland.olbricht at gmx.de>:
> Dear fellow mappers,
>
> a thank you for all that have notified me that the certificate has expired.
> I will cater for renewing in the next days. A responsible handling of
> technology should also include a security assessment.
>
> I think most users will expect that a SSL certificate will somehow be secure
> while an unencrypted connection will be somehow insecure. I would like to go
> into detail.
[...]
> In result, this means that I spend money and time to somebody to not make my
> users anxious (it's legal, as opposed to [7]). To assure comfort to the
> average user, I will do so. But nobody should say that she or he has not
> known that there is no real security benefit.
I am not sure I understand the /quia/ of this e-mail, but I think it
is worth to point this out:
https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web
https://letsencrypt.org/
Probably won't solve the problem at its root, but ...
Cristian
More information about the talk
mailing list