20.xx: postponse LuCI HTTPS per default

Michael Richardson mcr at sandelman.ca
Fri Nov 20 00:26:44 EST 2020


Paul Spooren <mail at aparcar.org> wrote:
    > The current list of release goals for 20.xx states[0] that LuCI should
    > use HTTPS per default. This works by creating on-device a self-signed
    > certificate. Self-signed certificates result in warnings and may cause
    > more harm than good, multiple discussion are found in the mail archive.

    > As no clean solution seems in reach while 20.xx seems close, I'd like to
    > suggest to postponse HTTPS LuCI (`luci-ssl` vs `luci`) per default.

    > This isn't a vote but a request for developer/user opinions.

I agree with postponing this.
I think that we need to do some work on this problem.
This is a subset (an easier subset actually) of a general IoT onboarding problem.

I would like to form a design-team to figure out what we can do in practice,
and I would be happy to lead/act-as-convenor it via a series online working
meetings if the group wants.

The need for a PPPoE username/password is one of the challenges.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201120/cfad3ce8/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201120/cfad3ce8/attachment-0001.sig>


More information about the openwrt-devel mailing list