We have only scratched 2.6.2 so far... Still trying to nail the last remaining bugs of 2.6.1 Wink
I hope to go on a bug hunt soon so be prepared
I still have to wait for dandello to catch up as we both are working on 2.6.1 and 2.6.2 in parallel. Sometimes I find the bugs, sometimes I help fixing them... Sometimes I just relax and let others do their fair share
Posted by: xnoddyx Posted on: Oct 3rd, 2014 at 3:42am
Quote:
Getting 'official' SSL certification IS a major hurdle and there have been moves by some major players to dump the current method of authentication. Curently only a few companies are 'authorized' to do it and not only does it require a large cash outlay if you have more than one site to worry about, the fact that they want things like your corporation identity number means that when you do see an 'authentic' SSL cert on a non-business site the owner has had to lie to get it. (http://lewayotte.com/2011/05/31/ssl-certificate-scam-yay-or-nay/)
(As an aside, real world research has shown that sites that show the 'TRUSTe' certification are more that twice as likely to be untrustworthy as sites that didn't bother. Wink)
to add Additionally, search engines have started giving preference to secure websites using HTTPS
Quote:
(And as you guys should know by now, if I have more than 2 projects happening at once, they all get fubarred. )
hahaha we know and its not just you :
Quote:
We have only scratched 2.6.2 so far... Still trying to nail the last remaining bugs of 2.6.1 Wink
I hope to go on a bug hunt soon so be prepared
Posted by: Monni Posted on: Oct 2nd, 2014 at 5:12pm
We have only scratched 2.6.2 so far... Still trying to nail the last remaining bugs of 2.6.1
Posted by: Dandello Posted on: Oct 2nd, 2014 at 4:46pm
And another part of the problem is that there are few 'official' certifying organizations listed in the various browsers and email clients. So if your certification isn't listed with one of those few you may have spent big bucks for nothing.
So let's keep this one in mind once we have 2.6.2 squared away as this one will require quite a bit of research to do it well. (And as you guys should know by now, if I have more than 2 projects happening at once, they all get fubarred. )
Posted by: Monni Posted on: Oct 2nd, 2014 at 3:44pm
I can create SSL certificates that kinda work, but they're useless on shared hosts, because HTTPS certificates are bound to IP address in Apache and not host name even though host name is compared when used.
Posted by: Dandello Posted on: Oct 2nd, 2014 at 2:44pm
The way the 3.0 team was looking at doing it was having members store their facebook/WindowsLive login info in their vars file - not exactly what people mean by 'login using Facebook' (or maybe it is - I gave up on trying to get the OpenID thing to work).
Getting 'official' SSL certification IS a major hurdle and there have been moves by some major players to dump the current method of authentication. Curently only a few companies are 'authorized' to do it and not only does it require a large cash outlay if you have more than one site to worry about, the fact that they want things like your corporation identity number means that when you do see an 'authentic' SSL cert on a non-business site the owner has had to lie to get it. (http://lewayotte.com/2011/05/31/ssl-certificate-scam-yay-or-nay/)
(As an aside, real world research has shown that sites that show the 'TRUSTe' certification are more that twice as likely to be untrustworthy as sites that didn't bother. )
(That said, it looks like at least a few Cert companies have lowered the price to some thing reasonable for hobby sites and I'll look at those later today.)
Posted by: xnoddyx Posted on: Oct 2nd, 2014 at 10:09am
I know but i think it will still be a good mod to have and most of the other forums out there have a plugin to do this.
Posted by: Monni Posted on: Oct 2nd, 2014 at 9:29am
The main problem is that you need official SSL certificate for integration.
Posted by: xnoddyx Posted on: Oct 2nd, 2014 at 5:05am
i would still like to see login by Facebook and or Windows live.