Hi!
We plan to make the www.ripe.net website available over HTTPS only as of 5 February 2015. We believe this change will provide a more secure, efficient website for our users.
1. www.ripe.net is (as far as I can see - and I could be wrong - please correct me) primarily an information site, that is it provides publically available information to everyone/anyone. Therefore it does not largely transmit anything that needs to be secure and encrypted over SSL.
In recent month there was debate (and published papers from certain three-letter-agencies) on real attacks which where done by hi-jacking unencrypted surf traffic to inject infection code. The goal is to attack the clients surfing to a certain site. Clients like desktop systems of system and network admins. Belgacom case etc. This and the very recent discussion on key escrow that pops up in Europe after 'Charlie Hebdo' makes the case to basically 'encrypt everything'. If this causes issues with some service regions, it's useful that we learn more about those issues. Maybe afterwards HTTPS can be disabled for certain geo-located IP ranges. I applaud RIPE to go this extra step with HTTPS-only. -- MfG/Best regards, Kurt Jaeger 5 years to go ! Dr.-Ing. Nepustil & Co. GmbH fon +49 7123 93006-0 pi@nepustil.net Rathausstr. 3 fax +49 7123 93006-99 72658 Bempflingen mob +49 171 3101372