What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6
Max Kanat-Alexander
mkanat at bugzilla.org
Mon Aug 31 05:41:18 UTC 2009
On 08/30/2009 09:13 PM, SnowyOwl wrote:
> The only scenario I could see is where some users do not have HTTPS
> access at all. For example, Bugzilla is used by staff from intranet
> using HTTPS, but exposed to public internet as read-only searchable
> knowledge base for users.
>
> HTTPS may be unavailable to those users to reduce server load, as it
> protects nothing in this setup.
Well, this situation seems fairly unlikely, and also really doesn't
matter that much, because honestly Bugzilla doesn't put that much load
on a web server, and the load it *does* put on the server is already
much more significant than the load put on by SSL. So I don't think we
have to worry too much about this situation. And anybody who *really*
needed it could still accomplish it with a proxy.
-Max
--
http://www.everythingsolved.com/
Competent, Friendly Bugzilla and Perl Services. Everything Else, too.
More information about the developers
mailing list