[wp-trac] [WordPress Trac] #18577: Updates and downloads should be delivered securely
WordPress Trac
noreply at wordpress.org
Wed Aug 28 20:52:59 UTC 2013
#18577: Updates and downloads should be delivered securely
-----------------------------+------------------
Reporter: wplid | Owner:
Type: task (blessed) | Status: new
Priority: normal | Milestone: 3.7
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion |
-----------------------------+------------------
Comment (by dd32):
> these defeats the entire purpose of using SSL transport at all. Worst
> case scenario, it would only allow non-SSL if upgrading manually with
> appropriate warnings and confirmation.
My personal opinion is:
* We need to get HTTPS working regardless, so we'll have to bundle a CA
cert #25007
* For user-triggered updates, fall back to HTTP in the event that OpenSSL
is not available in PHP - Package signing would probably not be possible
in that case either unless someone comes up with a
pure-PHP-no-extensions-needed signing/verification routine
* For non-user-triggered updates (automatic updates), only proceed if the
package is retrieved over HTTPS AND a package signature is proper
So this ticket isn't dependent upon HTTPS now, I don't see HTTPS vs
Package signing as an either-or thing, we need to get HTTPS running as
best we can, but we also need to cover the case where downloads are over
HTTP, since, although #25007 will go a long way, it won't cover every use
case.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/18577#comment:31>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software