It is currently Thu Nov 21, 2024 3:12 am

Mandatory TLS on the 'goon forums.

For forum technical issues, problems, or connectivity outages and announcements, read on! Post here if you need help using our forums or services.

Mandatory TLS on the 'goon forums.

Postby Zancarius » Tue Dec 08, 2015 3:22 pm

Hey guys,

So, we decided to just go ahead and setup TLS today. I asked Josh earlier what his preference was, because I was inclined to do a more gentle transition to TLS by allowing older browsers to access the site unaffected without it. He suggested that there's no point supporting older browsers and that we ought to migrate over without them. He's right, and considering that the majority of browsers we'll encounter trouble with are on Windows XP (which is around 15 years old) or Android 2.x (do those devices still work?), it's time to upgrade. Seriously: Software isn't a car or appliance. It changes too quickly.

As such, we've put a permanent redirect on all HTTP traffic. If you click any old links, they'll automatically redirect to the HTTPS site. Ideally, this should be entirely transparent. It'll also be about a million times more secure.

Also, I was wrong: It turns out that older browsers should still work, they'll just generate a certificate error when loading sites like ours that use the subjectAltName for domain matching in the certificate. But again, see above: We're completely dumping support for older browsers, and I don't think any of our regulars (or future members) will be affected.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Return to Issues and Support

Who is online

Users browsing this forum: No registered users and 1 guest

cron