	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: url for services should be secure?

To: Phil Pishioneri <pgp@xxxxxxx>
Subject: Re: url for services should be secure?
From: johanna bromberg craig <canna@xxxxxxxxx>
Date: Wed, 12 May 2004 16:30:08 -0400
Cc: Cosign Discussion <cosign-discuss@xxxxxxxxx>
In-reply-to: <40A26C7A.9010606@psu.edu>
References: <40A26C7A.9010606@psu.edu>

Thanks, Phil. At Umich we have our weblogin servers configured to redirect anything that comes in on http:// to be https:// instead, so i never even noticed. :) I've added it to CVS, and it will be in the next release.

-J

On May 12, 2004, at 2:27 PM, Phil Pishioneri wrote:

Shouldn't the URL for the services menu be secure? (Not because it's sensitive info, but because most people are only running the login/logout service on the secure port.)

Patch attached.

-Phil
!DSPAM:40a26cb037841515918262!
<cgi.c.service-url.patch.txt>

References:
- url for services should be secure?
  - From: Phil Pishioneri

Prev by Date: url for services should be secure?
Next by Date: v1.6.1: krb ticket path length broken in other places
Previous by thread: url for services should be secure?
Next by thread: v1.6.1: krb ticket path length broken in other places
Index(es):
- Date
- Thread