| **** BEGIN LOGGING AT Tue Sep 7 10:50:07 2004 | ||
| -->You are now talking on #schooltool | 10:50 | |
| -->_djs_ (~djs@DC-245-115.bpb.bigpond.com) has joined #schooltool | 11:09 | |
| -->thisfred (~thisfred@a213-84-57-72.adsl.xs4all.nl) has joined #schooltool | 11:25 | |
| <--_djs has quit (Read error: 110 (Connection timed out)) | 11:27 | |
| -->sabdfl (~mark@wblv-251-236.telkomadsl.co.za) has joined #schooltool | 12:12 | |
| -->stockholm (~Andreas@petrus.schuldei.org) has joined #schooltool | 12:23 | |
| stockholm | huhu! | 12:23 |
|---|---|---|
| sabdfl | yo | 12:23 |
| stockholm | i am the debian developer willing to upload the secured schoolbell. | 12:24 |
| stockholm | are you considering securing it? | 12:24 |
| stockholm | im sure there is some ssl web module for python? | 12:24 |
| mgedmin | you can put schoolbell behind apache with mod_ssl | 12:25 |
| stockholm | yes, i know. | 12:26 |
| stockholm | i argued that if you ship it "not secured" by default, it will be used that way. | 12:27 |
| stockholm | on debian-edu@l.d.o | 12:27 |
| stockholm | i cc`ed th1a. | 12:27 |
| stockholm | webmin (which i would not want to use as an example for good programming practice otherwise) has a switch "ssl=1" | 12:29 |
| stockholm | in its config file | 12:29 |
| stockholm | and in debian the switch is set per default. | 12:30 |
| stockholm | (in gentoo it is not, i read) | 12:30 |
| stockholm | but i would like something like that. | 12:30 |
| stockholm | just checked with the other debian-edu developers: | 12:35 |
| stockholm | they, too, think it is mandatory | 12:36 |
| mgedmin | I've seen arguments that using SSL with self-signed certificates often gives you a false sense of security | 12:37 |
| mgedmin | the setup is very vulnerable to man-in-the-middle attacks | 12:38 |
| mgedmin | although it does prevent simple password sniffing | 12:38 |
| stockholm | i dont advokate self signed certificates. | 12:55 |
| stockholm | i would recommend a local CA. | 12:55 |
| stockholm | suppling that certificate would be our problem, makeing it handle/use the cert yours. (c: | 12:56 |
| <--stockholm has quit (Read error: 113 (No route to host)) | 13:40 | |
| <--tvon has quit (Remote closed the connection) | 14:23 | |
| ---Disconnected (). | 15:56 | |
| **** ENDING LOGGING AT Tue Sep 7 15:56:09 2004 | ||
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!