[Python-Dev] https:bugs.python.org -- Untrusted Connection (Firefox)
tjreedy at udel.edu
Fri Aug 22 04:32:24 CEST 2014
On 8/21/2014 7:25 PM, Nick Coghlan wrote:
> On 22 Aug 2014 04:45, "Benjamin Peterson" <benjamin at python.org
> <mailto:benjamin at python.org>> wrote:
> > Perhaps some board members could comment, but I hope the PSF could just
> > pay a few hundred a year for a proper certificate.
> That's exactly what we're doing - MAL reminded me we reached the same
> conclusion last time this came up, we'll just track it better this time
> to make sure it doesn't slip through the cracks again.
> (And yes, switching to forced HTTPS once this is addressed would also be
> a good idea - we'll add it to the list)
I just switched from a 'low variety' short password of the sort almost
crackable with brute force (today, though not several years ago) to a
higher variety longer password. People with admin privileges on the
tracker might be reminded to recheck. What was adequate 10 years ago is
not so now.
Terry Jan Reedy
More information about the Python-Dev