April 22/2017 Update

So far, I have not heard of any issues from implementing encrypted HTTP (HTTPS) last month.  Aside from some limitations on the number of subdomains supported, the service I used only encrypts traffic between the user and the service - traffic from the service to the BID Community server is not encrypted.  Although not ideal, this approach does protect traffic from snooping when using public hotspots.  A bigger risk that the service could start charging significant fees for the encrypted HTTP service.

In the past, end-to-end encryption was complex and expensive, involving yearly fees for the necessary SSL certificates.  I have been evaluating Let's Encrypt (https://letsencrypt.org/), a service sponsored by the Electronic Frontier Foundation and the Mozilla Foundation that not only provides free SSL certificates but also dramatically simplifies implementation.  I have successfully migrated two of my personal domains and will shortly be migrating a test version of the BID Community website.

Upcoming Events:

Your rating: None