Re: Moving to https?
Posted: 2016-09-05, 09:20
It's true, the information that's actually posted doesn't necessarily need encryption. But I think the moment you deal with users having accounts, that have personal details attached -- especially these days where an e-mail address has become more of a pivotal thing than ever before -- it should be taken as data that requires more care than public information.davews wrote:I just don't see the point of https for most forum type websites.
It's the other side of approaching the people here as a community: we need to make sure the place the members use is as reasonably safe to use as possible. Taking care of and all that. We assume, and expect, that people who create accounts here don't necessarily lie about themselves. We try to keep anonymous users out. As such, the user data should be assumed to be sensitive and true. That would need to be protected.