SSL for discuss.px4.io?

Hi there; this is my first post!

I was going through the signup flow and realized I was transmitting my password essentially over plaint text. It appears you don’t have TLS/SSL/https setup for the forum. Just wanted to make sure this was an intentional decision, or people were aware of it.

Cheers!
Jeff

Yes it is fully intentionally. We don’t have anything that “serious” that would really require encrypted systems. This can be looked in future if there are more concerns.

Regards,
Jani / PX4 System admin

That’s fair; I agree with you on the content side and access control not being a concern.

The concern is that a man in the middle attack would allow for relatively easy hijacking of user accounts. Sounds like you already know that and it’s not worth the hassle.

Cheers,
Jeff