[JIRA] (OVIRT-2140) enforce SSL on resources.ovirt.org

Thursday, 29 August 2019

    [
https://ovirt-jira.atlassian.net/browse/OVIRT-2140?page=com.atlassian.jir...
] 

Marc Dequènes (Duck) commented on OVIRT-2140:
---------------------------------------------

[~accountid:557058:caa507e4-2696-4f45-8da5-d2585a4bb794] signed packages on HTTP are not
safe because old releases are also valid thus it’s possible to do replay attacks by
providing older and security buggy packages. it’s better but not sufficient.

...
 enforce SSL on resources.ovirt.org
 ----------------------------------

                 Key: OVIRT-2140
                 URL: https://ovirt-jira.atlassian.net/browse/OVIRT-2140
             Project: oVirt - virtualization made easy
          Issue Type: Improvement
            Reporter: Evgheni Dereveanchin
            Assignee: infra

 SSL was enabled on Resources with OVIRT-1472, this ticket is to transform the non-SSL
virtual hosts into redirects to the SSL version

--
This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100108)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011