HTTPS fhtagn?

[Cthulhu]

Right now, all traffic (including login information, private messages, the werkz) are transferred over plain http; this is both a security and a privacy risk, especially in places like airports and whatnot. I've never actually heard of a recorded incident where http traffic was intercepted for a site like ours, but hey, it's still a risk.

So: do we want to do HTTPS, and if yes, do we want to do it via our domain name party (12.50 a year), or for free no-strings-attached https://letsencrypt.org/ ?

 

[Tennyo]

What are the pros and cons of paying vs not paying?

I guess either is fine with me.

 

[Lex]

If it's for free no strings attached then I don't see the problem

 

[Kionae]

If it's for free no strings attached then I don't see the problem

Ditto. Worst case scenario, we decide it sucks and switch to the paid option.

 

[Cthulhu]

At this time, only pros for paying is that it'll be signed by Comodo who is one of the more well-known certificate hand-out-eroos, and maybe the site helps out, but probably not because we host our own website and shit, .

Let's Encrypt has gotten very popular very fast, in part due to a streamlined setup and installation process, and shit. Oh and because it's free with no strings attached. for now. dun dun dunnn. But don't worry, it can't be used to do stuff like inject ads or whatever - that's what the actual google ads do .