[Beowulf] No HTTPS for the mailman interface

Tim Cutts tjrc at sanger.ac.uk
Sun Dec 2 23:28:44 PST 2018


I think that's a good idea, although it's only a partial solution. Mailman sends password reminders unencrypted anyway, and presumably therefore doesn't store the passwords as hashes or whatever.

Tim

Sent from my iPhone

> On 3 Dec 2018, at 6:44 am, "jaquilina at eagleeyet.net" <jaquilina at eagleeyet.net> wrote:
> 
> Hi Guys,
> 
> I know Chris is away, but dont you guys feel like there should be an SSL certificate on the mailman interface as right now it is sending all credentials over http. We can easily get an SSL certificate for free through lets encrypt and its very easy to setup on a linux server as well as ensure the certificate stays valid as they expire every 90 days.
> 
> Let me know what you guys think.
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit https://urldefense.proofpoint.com/v2/url?u=http-3A__www.beowulf.org_mailman_listinfo_beowulf&d=DwIGaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=gSesY1AbeTURZwExR_OGFZlp9YUzrLWyYpGmwAw4Q50&m=nrZ06ObS5IHKvzrbULu3swO0QdZCImpCSMYfqMalwZM&s=9ls55zOEiI3nL3Ppb0gdDjuG0U2e2tEd3zslyhi6328&e=


-- 
 The Wellcome Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE. 


More information about the Beowulf mailing list