No https on

(Ian Munsie) #1

Is there a reason that the main site does not support secure connections? With the recent discussions on data retention I would think that this would be a good step to help protect the privacy of anyone visiting our site.

(Brendan Molloy) #2

We use CloudFlare, and if we want to use SSL with CF, we have to pay I think $15 per month.

It’s something under consideration. If there’s sufficient desire for us to introduce SSL, we can perhaps run a crowdfunding campaign to pay for it for a year.

SSL is not a great way to protect privacy of someone accessing our site. Connecting to the domain would still be recorded, so it’s pretty obvious what you’re looking at once you hit the base URL.

(Kevin Littlejohn) #3

Just to add to this -

So it’s an SEO step as well as anything else. I’d certainly chip in some to make this happen.


1 Like
(Brendan Molloy) #4

Okay then. We will need $240 for this 12 month period.

I’m not going to set up a crowdfunding thing just for $240 as this should be pretty easy to manage ourselves. Just donate an amount to any of the options on the donate page, and either reply here with the amount or PM me and we’ll be able to see when we’ve met the target. :smile:

Once we hit the $240, I’ll have the IT Working Group enable SSL on CloudFlare.

(Mozart Olbrycht-Palmer) #5

We’re on track to roll out SSL for all CloudFlare customers by mid-October. When we do, the number of sites that support HTTPS on the Internet will more than double. That they’ll also rank a bit higher is pretty cool too.

1 Like
(Ben McGinnes) #6

Well, well … fancy seeing you in a place like this. :wink:

(Brendan Molloy) #7

Please keep off topic content to PMs.

(Kevin Littlejohn) #8

So, based on this, is there actually an extra charge involved or not? Looks like they’re saying SSL is available to all paid accounts for free already - is there just a cost for getting a cert? I’m presuming the pirate party hosting is a paid account there…

(Ben McGinnes) #9

We’ve got several servers and yes, paid. You’ve already heard my rants on the snake oil that is the CA industry, but no doubt we will find something which isn’t too eye gougingly horrendous.

(Kevin Littlejohn) #10

If it’s a question of price, let us know how much it will cost and I’ll stump up a donation. This isn’t a big thing, but I reckon it’s a worthwhile one.

Oh, and heya :wink:

(Brendan Molloy) #11

It seems that in two months SSL will be free on CloudFlare. I will see what we can do in the meantime.

(Ben McGinnes) #12

You’re forgetting the SSL link between CloudFlare and us, no doubt a cert will still be needed.

(Brendan Molloy) #13

I don’t think that’s how it works, whether that’s a good thing or not. I however have no interest in being right or wrong in this discussion, so go have a read of what CloudFlare does or does not do and enlighten us please.

(Ben McGinnes) #14

Your generosity is greatly appreciated, drop me a line at (the personal one hasn’t changed), but I believe my key has since the last time you used one. The new one is 0x321E4E2373590E5D and the transition statement is here.

(Ben McGinnes) #15

Alrighty, I shall reread their docs when I’m what’s the word … oh yeah, conscious. :wink:

(John) #16

Electronic Frontirers Foundation provides a Firefox plugin ‘https everywhere’ here.