[jira] [Updated] (OFBIZ-6849) Use only HTTPS in OFBiz

     [ https://issues.apache.org/jira/browse/OFBIZ-6849?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jacques Le Roux updated OFBIZ-6849:
-----------------------------------
    Description:
I recently (2 weeks ago) started the ["Performance over security, is that reasonable?"|http://markmail.org/message/ubgacfzfxvlvlqva] thread on dev ML. I think I did not explain me well then. I must say it's easy to drown down in details with this subject when you want to illustrate the reasons.

So instead of answering on the dev ML, I decided it will be easier to create a Jira task with maybe related tasks, here it is.

For now I consider it only an improvement, but since it's a security matter we can discuss backporting later (hard in this case).

h3. Performance over security?
So why was this thread opposing performance and security? First we need to understand that here performance stands for HTTP and security for HTTPS.
And why the question about being reasonable or not?

  was:
I recently (2 weeks ago) started the ["Performance over security, is that reasonable?"|http://markmail.org/message/ubgacfzfxvlvlqva] thread on dev ML. I think I did not explain me well then. I must say it's easy to drown down in details with this subject when you want to illustrate the reasons.

So instead of answering on the dev ML, I decided it will be easier to create a Jira task with maybe related tasks, here it is.

For now I consider it only an improvement, but since it's a security matter we can discuss backporting later (hard in this case).




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)