Bug 44910 - Processes should be SSL
Processes should be SSL
Product: Red Hat Web Site
Classification: Red Hat
Component: Join_Process (Show other bugs)
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Tom Lancaster
Web Development
: Security
Depends On:
  Show dependency treegraph
Reported: 2001-06-18 15:45 EDT by Jay Turner
Modified: 2015-01-07 18:46 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-06-25 11:17:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jay Turner 2001-06-18 15:45:34 EDT
Description of Problem:
Both the /join process as well as simply logging into the site should be
done via SSL, as otherwise it is quite easy to sniff the packets, thus
retrieving both the username and password of the user.

How Reproducible:

Steps to Reproduce:

Actual Results:

Expected Results:

Additional Information:
Comment 1 Jay Turner 2001-09-18 09:40:28 EDT
Still an issue.
Comment 2 Jay Turner 2001-09-28 11:37:48 EDT
Yep, still there.
Comment 3 Tom Lancaster 2001-10-08 20:40:32 EDT
This solution depends on a resolution to the issue of what to do with banner ads
when a user is on ssl. In talking with Rob Byars and Aragorn we decided that 
no doubleclick ads would be displayed when people were using ssl.
When the component for this is built, we should be able to move back to using
ssl for login and once logged in.

Note You need to log in before you can comment on or make changes to this bug.