+1<br><br><br>Pedro<br><br><div class="gmail_quote">On Sun, Oct 28, 2012 at 12:20 AM, Niklas Hambüchen <span dir="ltr"><<a href="mailto:mail@nh2.me" target="_blank">mail@nh2.me</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
(I have mentioned this several times on #haskell, but nothing has<br>
happened so far.)<br>
<br>
Are you aware that all <a href="http://haskell.org" target="_blank">haskell.org</a> websites (hackage, HaskellWiki, ghc<br>
trac) allow unencrypted http connections only?<br>
<br>
This means that everyone in the same Wifi can potentially<br>
<br>
- read you passwords for all of these services<br>
<br>
- abuse your hackage account and override arbitrary packages<br>
(especially since hackage allows everybody to override everything)<br>
<br>
<br>
I propose we get an SSL certificate for <a href="http://haskell.org" target="_blank">haskell.org</a>.<br>
I also offer to donate that SSL certificate (or directly create it using<br>
my Startcom account).<br>
<br>
Niklas<br>
<br>
_______________________________________________<br>
Haskell-Cafe mailing list<br>
<a href="mailto:Haskell-Cafe@haskell.org">Haskell-Cafe@haskell.org</a><br>
<a href="http://www.haskell.org/mailman/listinfo/haskell-cafe" target="_blank">http://www.haskell.org/mailman/listinfo/haskell-cafe</a><br>
</blockquote></div><br>