Would You Feel Better With SSL Encryption?

[rawTOP]

Just curious - would it make any substantive difference to how you feel about reading the site and posting on the site if it had SSL encryption? I don't know if it's still the case but back in the day corporate firewalls didn't/couldn't read SSL encrypted sites, wouldn't cache them, etc.

And do you any of you care about the type of SSL cert used (that's a question for the geeks - most people won't know what I'm asking).

If it makes a difference to you guys, I'll migrate the site to SSL...

[breedmeup]

with the coming of the tube site. I believe this is a good idea for everyone.

[copenhagendipper]

with the coming of the tube site. I believe this is a good idea for everyone.

I concur with this suggestion

[OKJOE]

Third the above comments.

[Guest slobbvers]

Could you essplain for those who are non-geeks what SSL stands for? Would it change logging in?

[boundngagged]

Could you essplain for those who are non-geeks what SSL stands for? Would it change logging in?

SSL is Secure Sockets Layer, you may have also seen it called HTTPS (secure HTTP). Basically it means that your traffic to the site is encrypted so people "between" you and the site can't see what data you're sending/receiving. It also is a way of verifying that the site you're on is who it claims to be (and not a rogue server).

If you're ever browsing a site while on a shared network (technically that's everywhere, but especially like in a coffee shop, at work, or at home on wifi that other people can use) then anyone else there can see everything you do/read/say online, or even log in to a site as you, unless you are using SSL. It used to be considered low-risk because it was somewhat difficult and had to be a targeted attack, but with the proliferation of simple tools like Firesheep now almost anyone can spy on the browsing of people around them.

In short, yes, SSL, please!

[4Bare]

Barebackrt has SSL encription; it's much safer for the posters and those who receive information from this site. Definitely go with SSL encription.

[Guest slobbvers]

Yes. SSL, please. Does anyone know if Adam is ssl?

[OKJOE]

Yes. SSL, please. Does anyone know if Adam is ssl?

It should say in the help section or look for the https

[Belfast-Bottom]

Breeding Zone probably deals with some of the most controversial issues on the net. My view is that added privacy is a good thing.

[rawTOP]

OK, I'll get it set up. I just have to figure out whether I'm doing an EV cert or a regular cert. And then work out any issues with things that might be hard coded to http or linked from another site...

So give me a week and it should all be up and running.

[skinster]

Good idea with the certs. At least data in-flight will not be listened to. Although modern proxy servers are more evolved than years earlier, they could still be caching even SSL-encrypted content (data at rest). Just like your local web browser. Simply put it is only incrementally more difficult to re-assemble if a (3rd-party) need arizes but it is not impossible. Mindful network admins will either let it or disable that type of content caching, depending on house or P.C. policies if you're not browing from home. Also, visited URL's could be logged at a proxy/gateway regardless of content type/protocol and reviewed later. Firewalls per se will just pass or stop SSL traffic on a certain configured port/IP address. Your better bet in that regard is a point-to-point VPN tunnel, but we are definitely not talking about that here.

[PORTaURINAL]

Please add SSL - it would help protect the privacy of users who accidentally connect using office wifi.

[Guest deleted1107]

I think that it may make a difference for some. Would be a great idea if possible.

[barecumhole]

While SSL is a good idea for keeping laymen out, you should keep in mind that for someone who knows what they're doing, it is not difficult to break. Also, you shouldn't see any performance impact as long as this site is running on a fairly recent machine (especially Intel's Sandy Bridge, because it has hardware support for encryption). Google tested it a while back and reported overhead of less than 1%.