SSL only updates #77
Comments
|
Hmm, after thinking about it: is it really helpful? If it is a per-host setting, the server would still listen to http updates. So if your router is insecurely configured or misbehaved, your password would go over the wire to the http service first (and then would be rejected as the host setting says SSL-only). We currently display whether the updates are SSL or not in the hosts list, so it is the question what we would win with that setting. |
|
looks like the only application of this is if the host on the service gets configured/created by someone else than the router / update-client. with a ssl-only setting, you could FORCE the one configuring the router to use SSL, because nothing else would work. |
|
will close this as wontfix 3/2014 - except if someone really needs this and gives reasons here. |
|
won't fix, see above |
Option for host to disallow updates via http - making it SSL-updateable only.
asmaps/hopper.pw#4
The text was updated successfully, but these errors were encountered: