Jump to content


Why no HTTPS on forums?


  • Please log in to reply
4 replies to this topic

Noobkiller3759 #1 Posted 30 October 2018 - 12:10 PM

    Corporal

  • Player
  • 18009 battles
  • 133
  • [DSCRD] DSCRD
  • Member since:
    06-26-2011
Why does WG not provide HTTPS connection on the forum? Sending messages etc is definitely something I'd appreciate having encrypted. WG already has HTTPS for their main website and premium shop, why not include it everywhere? Not like ssl cert is that expensive, heck you can even get one for free. Do something to increase safety on the internet!

Dead_in_30_seconds #2 Posted 01 November 2018 - 02:35 PM

    Warrant Officer

  • Player
  • 3523 battles
  • 623
  • [T-D-U] T-D-U
  • Member since:
    11-07-2017

View PostNoobkiller3759, on 30 October 2018 - 11:10 AM, said:

Why does WG not provide HTTPS connection on the forum? Sending messages etc is definitely something I'd appreciate having encrypted. WG already has HTTPS for their main website and premium shop, why not include it everywhere? Not like ssl cert is that expensive, heck you can even get one for free. Do something to increase safety on the internet!

 

Prompted by the scandalous amount of trouble caused by unencrypted messages?

Pansenmann #3 Posted 01 November 2018 - 08:13 PM

    Field Marshal

  • Player
  • 34808 battles
  • 12,923
  • [WJDE] WJDE
  • Member since:
    08-17-2012

with all that side-loading of signature stuff,

any https connection to the forum would be just a blindfold. :)

 

also, it's a public forum anyways, so people can read your posts without having to log in


Edited by Pansenmann, 01 November 2018 - 08:14 PM.


Noobkiller3759 #4 Posted 02 November 2018 - 01:35 PM

    Corporal

  • Player
  • 18009 battles
  • 133
  • [DSCRD] DSCRD
  • Member since:
    06-26-2011

View PostPansenmann, on 01 November 2018 - 07:13 PM, said:

with all that side-loading of signature stuff,

any https connection to the forum would be just a blindfold. :)

 

also, it's a public forum anyways, so people can read your posts without having to log in

 

That's true but this being a public forum has nothing to do with HTTPS. You can still browse forums with HTTPS encryption. HTTPS exists to add protection, not to remove it. Accessing HTTP content such as images can be done easily by caching the image on WG servers. At least it might force users to use HTTPS enabled services instead (and again, encryption costs 0$)

Pansenmann #5 Posted 02 November 2018 - 09:29 PM

    Field Marshal

  • Player
  • 34808 battles
  • 12,923
  • [WJDE] WJDE
  • Member since:
    08-17-2012

View PostNoobkiller3759, on 02 November 2018 - 01:35 PM, said:

 

That's true but this being a public forum has nothing to do with HTTPS. You can still browse forums with HTTPS encryption. HTTPS exists to add protection, not to remove it. Accessing HTTP content such as images can be done easily by caching the image on WG servers. At least it might force users to use HTTPS enabled services instead (and again, encryption costs 0$)

 

We do know that,

but does the forum operations team?

 

When I set up services for clients, I make sure they work with 4096 Bit RSA / SHA-2 certificates

and make sure revocation lists are being checked, but many don't want to pay for a test setup :)

 

partially rewriting the logics on the servers to fully work with insecure content etc.

is not to be had for zero dollahs

 

PS: my image hoster uses https for quite some time now


Edited by Pansenmann, 02 November 2018 - 09:30 PM.





1 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users