Bitcoin Forum

Other => Meta => Topic started by: wumpus on May 07, 2011, 10:17:20 AM



Title: HTTPS
Post by: wumpus on May 07, 2011, 10:17:20 AM
As this site does revolve a lot around trust (even more than normal FOSS projects), I think it would be good if it

  • Used a real, non self-signed certificate. These can be very inexpensive these days.
  • Defaulted to HTTPS. When entering through http://,  automatically redirect to https://.
  • Used secure (https-only) cookies. So if you accidentally type http://, your cookies wont go over the clear and your session can be hijacked.

Hey, Bitcoin is a cryptocurrency, we need to show we have the right stance on security/privacy and don't see it as a low-priority issue :)


Title: Re: HTTPS
Post by: Stephen Gornick on May 07, 2011, 10:29:16 AM
Just wanted to provide a link to prior discussion regarding the SSL:
  - http://bitcointalk.org/index.php?topic=2626.msg100559#msg100559