Reply to post:

50c buys you someone else's password for Netflix, Spotify or ...

Marco Fontani

Eeh... There are steps to be taken to ensure we can use TLS across the sites, and unfortunately things are a tiny wee bit more complex than installing a cert and calling it a day. If you seriously believe that's all it takes, don't take it wrong if I don't take you up on the offer to help out, but instead ask you to get as far away as you possibly can from being able to "help" ;)

For context,

Installing a cert and making the site available over TLS sounds like 99% of the work, but in reality it's - for me - a _literal_ press of a button. It's piss easy; it's straightforward: we already use TLS for private stuff which _requires_ us to have secure authentication. We strive to get an A on ssllabs, but that might mean that older browsers/OSes would be unable to connect, and we can't (yet) have that for our main site, can we?

It's easy to notice that (most of) the images on the site are served (thanks to cloudflare) over TLS - mainly to ensure that recent browsers can download them in parallel, and partly to assess the impact of enabling TLS for at least part of the audience.

The difficult/lengthy part in all of this endeavour (enabling TLS on the main sites) is ensuring the rest of our infrastructure can properly work under TLS, that users can use TLS across the sites (account, forums, whitepapers, …) and that the business doesn't collapse overnight due to people switching to TLS only (think, ads), etc. etc. This is the actual 99% of the work, which we've been making strides towards for a while. It'll all eventually converge, and we'll go live with "it" when it's possible, when it makes sense to, and crucially when we've tested the shit out of it.

So, Soon®

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022