Long security answer

From OSGeo
Jump to: navigation, search

Q: Why is the website (edu.osgeo.org and its siblings) under secure http? I can understand using https when editing, but for normal viewing public, what good does https serve? Are there any disadvantages/advantages to this?

A: Simple answer, total security integrity. Here is the longer answer:

This is part of the security model. Simply there are private projects and other areas that need to be secured. The simplest explanation is that because of the software, there is no clear demarcation between secure and non-secure projects or parts of projects. This is further complicated by the role a user has that secures parts of the site and even parts of a project from a user with a role. So, it depends on your role of what you see, but by keeping the entire system locked up with https, no one can see what you are looking at. Turning on and off https would be tricky and harder to ensure it was secure.

The security model is not something you just turn on/off. Total security integrity is the key here. The sacrifice of https overhead is minor compared to the integrity. If you can turn it off for part of the site, you can also make the mistake of turning it off in the wrong place. Ask any security expert and they will say secure it all (and then unplug it from the internet).

The fact that you can see the site at all is a special case for this publicly accessible site. There is a default 'guest' id that has specific permissions. When you hit the site without logging it, you get logged in as guest and off you go.


Besides control of the site features, you might ask, what needs such bullet proof security? Well this is not national defense, but the software is built to do that and is used by big corporations and government for highly secure projects. CollabNet keeps its costs down by using the same software for open source communities like OSGeo and OpenOffice as they do for the department of defense and companies like HP. Because we have to go through rigorous audits, the software as a system is deployed only one way to ensure it maintains integrity.

So, overkill? Not really. A little inefficient, but all in the name of high security.