[Python-Dev] https:bugs.python.org -- Untrusted Connection (Firefox)
Terry Reedy
tjreedy at udel.edu
Fri Aug 22 04:32:24 CEST 2014
On 8/21/2014 7:25 PM, Nick Coghlan wrote:
>
> On 22 Aug 2014 04:45, "Benjamin Peterson" <benjamin at python.org
> <mailto:benjamin at python.org>> wrote:
> >
> > Perhaps some board members could comment, but I hope the PSF could just
> > pay a few hundred a year for a proper certificate.
>
> That's exactly what we're doing - MAL reminded me we reached the same
> conclusion last time this came up, we'll just track it better this time
> to make sure it doesn't slip through the cracks again.
>
> (And yes, switching to forced HTTPS once this is addressed would also be
> a good idea - we'll add it to the list)
I just switched from a 'low variety' short password of the sort almost
crackable with brute force (today, though not several years ago) to a
higher variety longer password. People with admin privileges on the
tracker might be reminded to recheck. What was adequate 10 years ago is
not so now.
--
Terry Jan Reedy
More information about the Python-Dev
mailing list