| Anonymous | Login | Signup for a new account | 2020-02-24 15:52 PST |  |
| Main | My View | View Issues | Change Log | Roadmap | Summary | My Account |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |||||
| 0008596 | opensim | [MISC] DSG | public | 2019-10-07 22:04 | 2019-10-23 07:57 | |||||
| Reporter | Edward Ashford | |||||||||
| Assigned To | ||||||||||
| Priority | immediate | Severity | major | Reproducibility | always | |||||
| Status | new | Resolution | open | |||||||
| Platform | OS | OS Version | ||||||||
| Product Version | ||||||||||
| Target Version | Fixed in Version | |||||||||
| Summary | 0008596: SSL Cert for OpenSimulator.org needed as it has an insecure connection - Why is there no category for the website? | |||||||||
| Description | Hello Let's Encrypt is providing free SSL Certs for websites, and even Free WildCard Certs. Please get a Free Cert from Let's Encrypt either on the Let's Encrypt Extension or through SSLforFree.com Thank you. https://letsencrypt.org [^] Also please make sure that http://opensimulator.org [^] forwards to https://opensimulator.org [^] once you have the Cert. | |||||||||
| Steps To Reproduce | Open the website http://opensimulator.org [^] Brave shows "Not secure" to the left of the URL. https://Brave.com [^] a better version of Chromium. | |||||||||
| Additional Information | If you need/want a WildCard Cert open this https://sslforfree.com/create?domains=*.opensimulator.org+opensimulator.org [^] and verify your domain. (WildCard Certs are for subdomains i.e., https://subdomain.domain.com [^]) If you don't need/want a WildCard Cert open this: https://sslforfree.com/create?domains=opensimulator.org+www.opensimulator.org [^] and verify your domain, this way is easier because DNS verification isn't necessary, though still possible. Every website should have SSL, regardless. Also any website that has login accounts especially needs SSL. Watch this video from Fight For The Future that was put out for June 5, 2014 https://youtube.com/watch?v=qKk8MHFLNNE [^] https://resetthenet.org [^] Don't ask for you privacy, take it back. https://pack.resetthenet.org [^] | |||||||||
| Tags | No tags attached. | |||||||||
| Git Revision or version number | ||||||||||
| Run Mode | Standalone (1 Region) , Standalone (Multiple Regions) , Grid (1 Region per Sim) , Grid (Multiple Regions per Sim) | |||||||||
| Physics Engine | Other | |||||||||
| Script Engine | ||||||||||
| Environment | Unknown | |||||||||
| Mono Version | None | |||||||||
| Viewer | ||||||||||
| Attached Files |  Not secure.png [^] (12,454 bytes) 2019-10-16 21:29
| |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0035717) Edward Ashford (reporter) 2019-10-08 12:42 edited on: 2019-10-08 12:45 |
There's no project/category for the opensimulator.org website. |
|
(0035718) tampa (reporter) 2019-10-08 14:28 |
There is also no need for SSL on a static page that neither carries out logins, nor provides any server-client interfacing. SSL adds overhead and that poor box is already crashing at least once every 4 months. |
|
(0035719) Sheera Khan (reporter) 2019-10-08 21:40 |
Actually it's not that static since it is a wiki. Some pages are updated regularly like the office hours page. So somebody has to login there. The same holds true for this Mantis - I guess you didn't append your comment to this issue without logging in first^^ |
|
(0035721) BillBlight (developer) 2019-10-09 11:29 |
The biggest issue is, in the not so distant future, SSL is going to be required .. But until then , Opensimulator is not NORAD or Fort Knox ... /me passes out tinfoil hats .. |
|
(0035730) Edward Ashford (reporter) 2019-10-16 20:07 |
Then who's the one to say when SSL will be required in future. It's already required for privacy. Mass surveillance is illegitimate. Opensimulator doesn't have to be a high security organization like NORAD or Fort Knox to take advantage of SSL. More people are becoming aware of privacy issues today, and implementing End-to-End Encryption, and an SSL Cert is a good way to ensure their privacy while on Opensimulator.org. Just look at how many people started using WhatsApp after the Signal Protocol was incorporated into WhatsApp. https://Signal.org [^] Although Facebook bought WhatsApp, so they can still extract metadata from WhatsApp. Also it doesn't take much time to get an SSL Cert from Let's Encrypt through SSLforFree.com and apply it. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2019-10-07 22:04 | Edward Ashford | New Issue | |
| 2019-10-08 12:42 | Edward Ashford | Note Added: 0035717 | |
| 2019-10-08 12:42 | Edward Ashford | Description Updated | View Revisions |
| 2019-10-08 12:45 | Edward Ashford | Note Edited: 0035717 | View Revisions |
| 2019-10-08 14:28 | tampa | Note Added: 0035718 | |
| 2019-10-08 21:40 | Sheera Khan | Note Added: 0035719 | |
| 2019-10-09 06:25 | Edward Ashford | Steps to Reproduce Updated | View Revisions |
| 2019-10-09 06:25 | Edward Ashford | Additional Information Updated | View Revisions |
| 2019-10-09 11:29 | BillBlight | Note Added: 0035721 | |
| 2019-10-16 20:07 | Edward Ashford | Note Added: 0035730 | |
| 2019-10-16 21:28 | Edward Ashford | File Added: Not secure.png | |
| 2019-10-16 21:29 | Edward Ashford | File Deleted: Not secure.png | |
| 2019-10-16 21:29 | Edward Ashford | File Added: Not secure.png | |
| 2019-10-16 21:32 | Edward Ashford | Category | [MISC] DSG => [GRID] Other Service |
| 2019-10-16 21:32 | Edward Ashford | Summary | SSL Cert not existent or not applied for http://opensimulator.org [^] => SSL Cert for opensimulator.org needed. opensimulator.org has an insecure connection |
| 2019-10-23 07:57 | Edward Ashford | Category | [GRID] Other Service => [MISC] DSG |
| 2019-10-23 07:57 | Edward Ashford | Summary | SSL Cert for opensimulator.org needed. opensimulator.org has an insecure connection => SSL Cert for OpenSimulator.org needed as it has an insecure connection - Why is there no category for the website? |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |