Forums | Mahara Community

Support / SSL

anonymous profile picture
Account deleted
Posts: 214

21 December 2010, 3:16

Given the increased ease of HTTP session hijacking (e.g. the widespread availability of firesheep), and the relatively low cost of an SSL certificate, it would be really good if we could get an SSL certificate for (and too using subject alternative names).

In my opinion this is a security issue and is pretty easily addressed. Given the amount of work that's gone into the security at the design level, it seems a shame not to.


1 result