HTTPS Support #137
Labels
P1
High priority. Should be addressed by the next release.
Size: Medium
The work involved in addressing this issue is a sizable amount. 1-2 days of work.
Status: In Progress
Work on the issue is in progress.
Type: Feature
Addresses adding a new feature to the application.
Milestone
This issue relates to a:
Description:
At some point it would be nice to sport HTTPS for communication between the server and client. We could allow users to utilize certificates purchased from a certificate authority or their own self signed certificate.
HTTPS allows encrypted communication to the server. This would be necessary in a production environments where users are sending credentials to the server. In many cases these password would be hashed but this still opens us up to dictionary/rainbow table attack on our users password hashes.
HTTP also allows users to verify the identity of Thunder servers. (see trust chaining below)
I would also like to point out that if a future goal is to have Thunder as a Service (TaaS) then a lack of HTTPS support would certainly scare aways a large number of potential users.
Additional Information:
https://en.wikipedia.org/wiki/HTTPS
https://en.wikipedia.org/wiki/Chain_of_trust
https://blog.instantssl.com/https/seo-advantages-switching-https/
The text was updated successfully, but these errors were encountered: