[Rhodes22-list] Does our website need SSL?
Tom Van Heule
tom.vanheule at intrinsicprograms.com
Mon Jul 20 13:57:14 EDT 2020
sorry all, the temptation of joking within an email to a new crowd got me.
On Mon, Jul 20, 2020 at 12:10 PM Michael D. Weisner <mweisner at ebsmed.com>
wrote:
> IMHO, I would prefer not to sell merchandise on the owner's site. I always
> thought the point was to avoid commercialization.Mikes/v Wind Lass ('91)
> -------- Original message --------From: Tom Van Heule <
> tom.vanheule at intrinsicprograms.com> Date: 7/20/20 10:56 AM (GMT-05:00)
> To: The Rhodes 22 Email List <rhodes22-list at rhodes22.org> Subject: Re:
> [Rhodes22-list] Does our website need SSL? I did setup a discord :
> https://discord.gg/MbpR9Q for discussing nuts andbolts of the website -
> it seems we are happy to discuss here. (and I wontdelete the discord
> ever...)As some have said - we would like to have some protected areas of
> the siteand getting encrypted is table stakes for a new build today.I
> suggest we keep it as free and secure as possible, until we start
> sellingmerchandise :) Then we get Stan a new revenue stream.I agree with
> Michael here- the amount of data should be obfuscated from thepublic. It
> sounds like there are several of us around who know whatbrute forcing means
> - and this could all be taken from us in a matter ofminutes... we don't
> want to put the 20+ years of info at risk like that(fear mongering ,
> apologies).But that being said - I think I might call Stott for my remodel
> - the infois useful!Have a great Monday,TomOn Mon, Jul 20, 2020 at 9:39 AM
> Michael D. Weisner <mweisner at ebsmed.com>wrote:> Should we require SSL or
> TLS for the website is an interesting question.>> The website itself does
> not require login or passwords, at least at this> time. The only exception
> to this policy is access to the email list. The> mailman pages require that
> a user maintain a password which is used to> access the archives or change
> mail delivery options. As far as real> security on mailman, it must be
> noted that all of our posts are available> through google.com searches
> which means that there is no real privacy of> content. The same is probably
> true for the nabble site.>> Mike> s/v Wind Lass ('91)> Nissequogue River,
> NY>>> -----Original Message-----> From: Rhodes22-list <
> rhodes22-list-bounces at rhodes22.org> On Behalf Of> Larry Gioia via
> Rhodes22-list> Sent: Monday, July 20, 2020 9:21 AM> To: The Rhodes 22 Email
> List <rhodes22-list at rhodes22.org>> Subject: Re: [Rhodes22-list] Does our
> website need SSL?>> From our experience with my small company’s website:>>
> - the reason we use it is clients require it because they enter passwords>
> and use of SSL encrypts them. Not an issue to the Rhodes site. Another>
> reason is other sites that link to us prefer it to be an https link -
> again> probably not an issue to the Rhodes site.> - SSL is free, but a
> digital SSL certificate is needed from a certificate> authority - the
> cheapest we found is GoDaddy.com, $64 first year, $80/yr> thereafter. To
> avoid the charge you can self-sign your certificate but> website users will
> get a message saying this site uses a self-signed> certificate- be sure you
> trust them. Makes people a little nervous.>> I’m no expert on this, it’s
> just what we found and do - perhaps there are> now new free methods.>>
> Larry> ‘14 R22 Language of Love> ‘86 R22 <still unnamed!>>> > On Jul 19,
> 2020, at 11:37 PM, Hank <hnw555 at gmail.com> wrote:> >> > He's right. TLS
> 1.2 is the current standard and has replaced SSL.> > Folks still use SSL as
> the general term, though.> >> >> On Sun, Jul 19, 2020, 19:46 Todd Tavares <
> tavares0947 at gmail.com> wrote:> >>> >> My son is a web dev and said every
> website should have SSL..and its> free.> >> But he said the latest is
> TLS(?).> >>> >> Todd T> >>> >> tavares0947 at gmail.com> >>> >>> On Fri, Jul
> 17, 2020, 5:05 PM Peter Nyberg <peter at sunnybeeches.com>> wrote:> >>>> >>>
> Tom,> >>>> >>> You’ve mentioned SSL certification several times now, so I
> suspect> >>> that this is a subject near and dear to your heart. But I
> don’t> >>> understand> >> why> >>> you think we should have it. The
> website isn’t doing e-commerce or> >>> anything. Could you elaborate?>
> >>>> >>> Thanks,> >>> Peter> >>>> >>>> On Jul 17, 2020, at 10:08 AM, Tom
> Van Heule <> >>> tom.vanheule at intrinsicprograms.com> wrote:> >>>>> >>>>
> Jesse - I also understand that nabble data is only partial -> >>>>
> something> >>> that> >>>> there was nothing previous to 2009 in Nabble...
> but the entirety is> >> where> >>>> Peter indicated. I would like to see
> someone who knows be able to> >> update> >>>> nabble to get ALL the data
> (or find another way to modernize the UI> >>>> of> >>> all> >>>> the
> archives). Also Nabble, and for that matter our current site> >>>> have> >>
> no> >>>> SSL certification. https://letsencrypt.org/getting-started/
> this> >>>> is> >>> free> >>>> and legit - but someone with access needs to
> go through.> >>>>> >>>> Peter - this looks great, nothing fancy needed, but
> more complete.> >> Thank> >>>> you. And thank you for not using wordpress
> (it's a peeve of mine)> >>>>> >>>> aside- we KNOW there are photos that get
> lost in the archives -> >>>> perhaps there is a content discovery tool we
> can run against the> >>>> archives -> >>> really> >>>> most posts with a
> photo attached are worth indexing?> >>>>> >>>> Happy Friday all -> >>>>
> Tom> >>>> >>>>> >>>> Tom Van Heule> >>>> Intrinsic Programs> >>>>
> tom.vanheule at intrinsicprograms.com> >>>> +1 303 525 5266> >>>> >>>>
> >>>>-- Tom Van HeuleIntrinsic Programstom.vanheule at intrinsicprograms.com+1
> 303 525 5266
--
Tom Van Heule
Intrinsic Programs
tom.vanheule at intrinsicprograms.com
+1 303 525 5266
More information about the Rhodes22-list
mailing list