23 Mar
2015
23 Mar
'15
6:21 p.m.
Someone (I don't know whom) wasn't thrilled to have their Mailman password sent to our web site via non-SSL, hence non-encrypted connection. Which points to it being desirable to have an SSL cert. We could doubtless set up a self-signed cert; that's obviously not going to go through without "oh, that mightn't be totally legit" warnings. We'd not be overly keen on "spending all our substance" on SSL certs, not when the only use is to protect Mailman passwords. I hear Mozilla may be coming out with something later this year (something called "letsencrypt.org"); anyone have other bright ideas? -- When confronted by a difficult problem, solve it by reducing it to the question, "How would the Lone Ranger handle this?"