SSL by default for all packaged web apps?
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Mar 1 22:20:59 UTC 2011
On Tue, 2011-02-22 at 14:56 -0800, Clint Byrum wrote:
> This bug was opened recently:
>
> https://bugs.launchpad.net/bugs/695857
>
> It suggests that packages should configure themselves to require SSL by
> default.
>
> I think this is actually a good idea, and I am wondering how this would
> be received by the greater community.
>
> I am marking the bug as "Opinion" and I'd like to get the opinions of
> the server community as a whole on the issue. If enough people think its
> a good idea we can open a blueprint for a future UDS.
We should not turn on SSL by default with self-signed certificates. That
is insecure and is not a configuration that should be encouraged.
Marc.
More information about the ubuntu-server
mailing list