LinuxMint.com should apply a SSL cert from Let's Encrypt
Many popular Linux distributions, such as Ubuntu, Fedora, Arch, and Debian, have applied an SSL cert to their website so that they can use HTTPS rather than HTTP. This enhances the privacy of their users, protects MITM attacks against the hashsums of the .iso images, and is generally a good idea all around. While there are some popular CAs that offer cheap single-domain certificates, recently Let's Encrypt has been offering free certificates. They are in beta but I've heard excellent feedback on the usability of the process. Let's Encrypt is supported by the EFF, Mozilla, and is generally recommended by privacy enthusiasts. I recommend that LinuxMint.com apply an SSL certificate from Let's Encrypt. If the process works, I suggest repeating the process for all subdomains (blog, segfault, forums, ...) and then using Qualys SSL Labs to confirm a strong SSL setup. This will look good for Linux Mint as a whole and will protect people's passwords on the forum.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Jesse Victors
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by