[Xerte-dev] Re: Future Chrome release and how it will treat non SSL sites

Julian Tenney Julian.Tenney at nottingham.ac.uk
Wed Jan 18 08:55:07 GMT 2017


Do we need to make changes and a release to make https the default for new installs?

I don’t fully understand it, so sorry if that’s the wrong question.

From: xerte-dev-bounces at lists.nottingham.ac.uk [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 17 January 2017 20:56
To: robb at interlin.nl; For Xerte technical developers <xerte-dev at lists.nottingham.ac.uk>
Subject: [Xerte-dev] Re: Future Chrome release and how it will treat non SSL sites

XOT already works if the server and installation is set to use https whether that be paid for certs or letsencrypt. But to date it's been up to whoever looks after the installation and there are disadvantages with using https too e.g embedding external non https content. My reason for mentioning this is that we probably need to put together some advice and guidance while it's still optional rather than essential, including how people switch their installations without breaking existing links and embeds etc.
Cheers
Ron

On 17 Jan 2017, at 20:37, robb <robb at interlin.nl<mailto:robb at interlin.nl>> wrote:

I think XoT should be accessed through SSL only. A good option would be to support letsencrypt<https://letsencrypt.org/> by default.

regards,

Rob
Op 17-01-17 om 18:23 schreef Ron Mitchell:
Hi all
Just reading this https://www.wordfence.com/blog/2017/01/chrome-56-ssl-https-wordpress/  and suspect we should put a similar advisory together re Xerte installations and SSL etc.
What do you think?
Ron

This message and any attachment are intended solely for the addressee

and may contain confidential information. If you have received this

message in error, please send it back to me, and immediately delete it.



Please do not use, copy or disclose the information contained in this

message or in any attachment.  Any views or opinions expressed by the

author of this email do not necessarily reflect the views of the

University of Nottingham.



This message has been checked for viruses but the contents of an

attachment may still contain software viruses which could damage your

computer system, you are advised to perform your own checks. Email

communications with the University of Nottingham may be monitored as

permitted by UK legislation.

--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and is
believed to be clean.



_______________________________________________

Xerte-dev mailing list

Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>

http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev


--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and is
believed to be clean.



This message and any attachment are intended solely for the addressee

and may contain confidential information. If you have received this

message in error, please send it back to me, and immediately delete it.



Please do not use, copy or disclose the information contained in this

message or in any attachment.  Any views or opinions expressed by the

author of this email do not necessarily reflect the views of the

University of Nottingham.



This message has been checked for viruses but the contents of an

attachment may still contain software viruses which could damage your

computer system, you are advised to perform your own checks. Email

communications with the University of Nottingham may be monitored as

permitted by UK legislation.
_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20170118/f58a713c/attachment.html>


More information about the Xerte-dev mailing list