SSL Everywhere –

Peter Westwood, better known as Westi in the WordPress community, recently announced that he has developed and implemented some new methods for so that interactions can now be made over SSL.

Whether you’re just downloading an update of WordPress or interacting with the API, both calls and responses can now be made over SSL.

While there’s nothing super secure being sent over the pipe to, it’s still the best practice to be using SSL in the first place. Well, there’s almost nothing super secure. The one piece of data that could be considered necessary to secure is the salted hash generator.

I went ahead and tested https for it and it worked just fine:

Just for the sake of testing, I also tested loading the frontend of, such as the support forums. The page loaded just fine, which leads to believe the team could at one point, switch over to enforcing https on across the entire site.

Peter is asking that you try making the calls over https and see how things are working. You can follow the discussion on ticket #18577.