[HTTPS-E Rulesets] Suggested enhancements (affecting Adobe, Apple, Barnes & Noble, Flickr, Mozilla, UCSD, Wikipedia)
Christopher Liu
cmliu00151 at gmail.com
Sun May 6 13:35:38 PDT 2012
- Previous message: [HTTPS-E Rulesets] Suggested enhancements (affecting Adobe, Apple, Barnes & Noble, Flickr, Mozilla, UCSD, Wikipedia)
- Next message: [HTTPS-E Rulesets] Suggested enhancements (affecting Adobe, Apple, Barnes & Noble, Flickr, Mozilla, UCSD, Wikipedia)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Colonel Graff,
In response to your questions and concerns:
>> dvcs.w3.org
> Held off on this because I'm fairly certain the W3C asked us not to
> use the ruleset for their sites by default.
So why is a ruleset with default_off not acceptable? Did W3C
specifically state so? For reference, my request was specific to
dvcs.w3.org and not for any other W3C domains.
>> Some parts of Stanford University - ccrma.stanford.edu
>> fah-web.stanford.edu (I have never attended Stanford, so I haven't
>> tested further)
> The former was already covered, the latter doesn't support HTTPS as
> far as I can tell.
See for example https://fah-web.stanford.edu/projects/FAHClient (which
appears to be part of a Trac installation). However, I am now aware
http://fah-web.stanford.edu/cgi-bin/getpasskey.py redirects back to
http; sorry for not testing that first.
>> Mozilla:
>> Add support.mozilla.org (to which support.mozilla.com now redirects)
>> and tbpl.mozilla.org
>>
> Someone else already got these as well.
Assuming https://gitweb.torproject.org/https-everywhere.git/blob/68ce3ecd4b919bf7cab0117123596800b8bbbb6d:/src/chrome/content/rules/Mozilla.xml
shows the current status of the ruleset, someone seems to have
mistakenly typed a 1 (one) instead of an L - that is, t b p 1. "tbpl"
is an abbreviation for Tinderbox Pushlog.
>> UCSD:
>> The changes in this attachment compared to my previous submission include: (redacted for brevity)
>>
> I take it you wish the text file you attached to be substituted in for
> the old ruleset?
Yes, that is correct.
>> Wikipedia:
>> According to http://wikitech.wikimedia.org/view/Httpsless_domains ,
>> the wikimedia.org subdomains fenari, noc, observium, svn, and stafford
>> no longer need exclusions. (I have only checked noc; some of the
>> others seem not to be intended for public use.)
>>
> I know you're only the messenger but stafford.wikimedia.org only has
> valid certs for *.opendns.com. That said, the rest seem to have
> worked. Fenari requires authentication, but that loaded via https so I
> included it.
Are you using the OpenDNS DNS servers? This probably means
stafford.wikimedia.org doesn't exist anymore. I don't think the
Wikimedia Foundation actually has a contract with OpenDNS in any way;
do you know otherwise?
> Thanks for the emails.
You're welcome. Again, I am a busy student, so sorry for not watching
the Git more closely / not registering a Git account / other
imperfections in my "developer etiquette."
C. Liu
- Previous message: [HTTPS-E Rulesets] Suggested enhancements (affecting Adobe, Apple, Barnes & Noble, Flickr, Mozilla, UCSD, Wikipedia)
- Next message: [HTTPS-E Rulesets] Suggested enhancements (affecting Adobe, Apple, Barnes & Noble, Flickr, Mozilla, UCSD, Wikipedia)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the HTTPS-Everywhere-Rules
mailing list