[Koha-devel] "IP address has changed. Please log in again"

Robin Sheat robin at catalyst.net.nz
Fri May 31 00:44:38 CEST 2013


Galen Charlton wrote on Thu 30-05-2013 at 11:18 [-0700]:
> I'd personally be happy with requiring SSL for the staff interface and
> the OPAC throughout on the basis that patron information is sensitive
> enough to demand that level of care.

All our deployments now are using SSL; we strongly recommend it for
exactly this reason. Also that if it's tied in to an LDAP
infrastructure, passwords should never exist in plaintext (also people
reuse passwords.)

> However, because of the general support issues that would arise around
> SSL certs, I suspect that Koha jumping on the HTTPS Everywhere
> bandwagon will likely have to remain a recommended practice rather
> than a requirement or installation default.

Yeah, it requires a substantial amount of setup and knowledge. Also it
interacts badly with cover images, which are fetched over HTTP, and so
you get mixed content warnings. Where possible, they should use HTTPS if
the system is, but it's not always possible.

-- 
Robin Sheat
Catalyst IT Ltd.
✆ +64 4 803 2204
GPG: 5957 6D23 8B16 EFAB FEF8  7175 14D3 6485 A99C EB6D