Just wanted to provide a link to prior discussion regarding the SSL:
- https://bitcointalksearch.org/topic/m.100559
Topic: HTTPS (Read 1761 times)
As this site does revolve a lot around trust (even more than normal FOSS projects), I think it would be good if it
Hey, Bitcoin is a cryptocurrency, we need to show we have the right stance on security/privacy and don't see it as a low-priority issue
- Used a real, non self-signed certificate. These can be very inexpensive these days.
- Defaulted to HTTPS. When entering through http://, automatically redirect to https://.
- Used secure (https-only) cookies. So if you accidentally type http://, your cookies wont go over the clear and your session can be hijacked.
Hey, Bitcoin is a cryptocurrency, we need to show we have the right stance on security/privacy and don't see it as a low-priority issue
Jump to: