Accessing ATS over SSL

I don't know if this has been brought up ( I did a search and came up with nothing), but why isn't ATS accessible over a secure, SSL encrypted connection? I am very concerned about my privacy and thinking about what, sometimes very, delicate topics are discussed here this sounds like a good idea to me. It's not a big hassle to set it up and it is optional to use.

Again, sorry if this has been discussed already.

Cheers,

zerb

Just a thought not trying to be rude or anyting but it would be useless unless every single visitor to ATS used SSL to view the site. If you view and post to the sever with SSL, your posts to the server are encrypted as the data is sent, then stored to the database unencrypted. For the sake of example I then browse your posts in some thread without connecting via SSL, so all the posts submitted via SSL are now sent out unencrypted for any snooping packet sniffers to pick up, basically negating the use of the SSL initially.

Well, of course it goes out clear-text as soon as anyone is accessing it, but it is encrypted on the way giving all those nasty buggers a hard time figuring out what I wrote on this board as well as who I am here. That was my main intention. Not protecting what is written, but who wrote it.

The cost of additional server hardware is prohibitive, not to mention that search engines either don't spider HTTPS sites, or currently have only limited ability.

The ATS domains currently serve slightly more than 1.2 terrabytes of total traffic each month. Putting that much traffic behind SSL would slow it down, and require significant new hardware investments.

Find a local state university library. They don't require logins on campus (usu) and you can get a fake emai account and work from therel.

Thank you SkepticOverlord for clearing me up on how much traffic ATS is serving. Seeing it from that point, the investments in new hardware would be a little too much to ask.

For the really paranoid among us there still is stuff like onion-routing.

Even if you guys just do a quick and dirty selfsign certificate for SSL, I don't think it would strain the server or bandwidth much, as SSL does not increase bandwidth overall by much (it eats CPU). Anyway, I don't think the majority of users would use the feature. You can always limit the concurrent connections to relax the server stress aswell if it starts chewing up your CPUs.

Search bots are irrellevant here, even if they don't use SSL, they don't need to, as they can access the site directly on the unsecure port instead, which most people will also do.

But SSL would greatly increase the security for those who require it. This is even more important now that the US has passed bills to log your traffic and communications.

It's like the most significant missing feature on ATS

reply to post by SkepticOverlord


Yeah, the fact that Google doesn't crawl HTTPS sites is a major set back let alone the cost.

Writing on this forum souldn't need SSL anyways, no personal information is being exchanged.

Why not just use a proxy site?

Also, doesn't this site have email notifications of new replies?