On 04.01.2017 20:43, Giancarlo Razzolini wrote:
Hi All,
With some improvements we have been doing to the infrastructure,
we've
reached a point were practically everything on archlinux.org is
hosted
using TLS/SSL.
I have run a sslyze test on every of our DNS entries and the ones
that
did not answered are supposed to. In case you guys are interested,
I'm
putting links to the tests I performed in json format in the end of
the
email.[0][1]
My question is, should we add archlinux.org to the HSTS preload
list?[2]
Or, better yet, should we ever host something *not* using TLS/SSL?
Cheers,
Giancarlo Razzolini
[0] Full test, quite big: https://paste.xinu.at/UOII
[1] Failed hosts: https://paste.xinu.at/5srl/
[2] https://hstspreload.org/
In general a great idea. Our Torrent tracker does not support https as
it seems: http://tracker.archlinux.org:6969/stat I haven't looked into
it yet though. Port 443 redirects to bbs which is strange...
Greetings,
Pierre
--
Pierre Schmitz, https://pierre-schmitz.com
