The question sent today to the Signal group instead of this list:

Question: Is there a reason why the PON node's web GUI login is done in plain text and not via https?

I just noticed that.

Answers I got so far:
Person 1 answer: "Nodes have private IP addresses and you cannot issue trusted SSL certificates for them."

Person 2 answer:
"Because self-signed certificates generate nasty warnings that are not user friendly. Can we please use the mailing list for things that don't require immediate responses?"
My follow up:

Thank you for your replies.
But definitely I would prefer the "nasty warnings" from self assigned certs than sending the password in plain text, imo.
Nowadays smart TVs and what not invading our homes gives not much of room for non encrypted traffic.

Daniel

Signal: 415.336.9143

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Help open a people-powered common space in Oakland, California!

https://omnicommons.org/donate

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -