Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Yes, all calls to DSpaceDirect are encrypted using Transport Layer Security protocols (HTTPS).  We require HTTPS for all sites, and do not allow site data to be sent via plain HTTP.  All sites also enable HSTS (HTTP Strict Transfer Security) to tell all web browsers to only use HTTPS. (

Note, however, there is one exception to this rule. As OAI-PMH requires HTTP, we do allow HTTP access via the OAI-PMH interface only. That said, OAI-PMH only .)allows access to publicly available metadata, and does not provide any means for file access, authentication, etc.