[HTTPS-E Rulesets] [PATCH] Update the Debian SSL domain list
Paul Wise
pabs3 at bonedaddy.net
Thu May 1 18:44:39 PDT 2014
---
src/chrome/content/rules/Debian-self-signed.xml | 20 ++------------------
src/chrome/content/rules/Debian.xml | 12 ++----------
2 files changed, 4 insertions(+), 28 deletions(-)
diff --git a/src/chrome/content/rules/Debian-self-signed.xml b/src/chrome/content/rules/Debian-self-signed.xml
index fe68d29..ccfc283 100644
--- a/src/chrome/content/rules/Debian-self-signed.xml
+++ b/src/chrome/content/rules/Debian-self-signed.xml
@@ -7,38 +7,22 @@
- mentors.debian.net
- paste.debian.net
- - debian.org subdomains:
-
- - alioth
- - lists.alioth
- - buildd
- - db
- - ftp-master
- - lists
- - nagios
- - nm
-
-->
<ruleset name="Debian (self-signed)" default_off="self-signed">
<target host="*.debian.net" />
<!--exclusion pattern="^http://screenshots\.debian\.net/" /-->
- <target host="alioth.debian.org" />
- <target host="lists.alioth.debian.org" />
<!--
Nonfunctional:
-->
- <!--exclusion pattern="^http://(anonscm|ca|cvs|incoming|packages|people|popcon|qa|packages.qa|search|svn)\.debian\.org/" /-->
+ <!--exclusion pattern="^http://(ca|incoming|people|popcon|qa|packages.qa|search)\.debian\.org/" /-->
<!--
Handled in Debian.xml:
-->
- <!--exclusion pattern="^http://(bugs|buildd|db|ftp-master|lists|nagios|nm|wiki|www)\.debian\.org/" /-->
+ <!--exclusion pattern="^http://(anonscm|arch|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lists|munin|nagios|nm|openstack.bm|packages|piuparts|puppet-dashboard|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|udd|vote|wiki|www)\.debian\.org/" /-->
<rule from="^http://(mentors|paste)\.debian\.net/"
to="https://$1.debian.net/" />
- <rule from="^http://(lists\.)?alioth\.debian\.org/"
- to="https://$1alioth.debian.org/" />
-
</ruleset>
diff --git a/src/chrome/content/rules/Debian.xml b/src/chrome/content/rules/Debian.xml
index 154a8fd..b5c79f0 100644
--- a/src/chrome/content/rules/Debian.xml
+++ b/src/chrome/content/rules/Debian.xml
@@ -9,13 +9,9 @@
Nonfunctional domains:
- - screenshots.debian.net ¹
-
- debian.org subdomains:
- - anonscm ²
- ca (shows db; mismatched, CN: db.debian.org)
- - cvs ²
- incoming (shows ftp-master; mismatched, CN: ftp-master.debian.org)
- people (reset; people.debian.org/~joerg/ is displayed
after fetching gpg.ganneff.de over http...)
@@ -23,10 +19,8 @@
- qa ¹
- packages.qa ¹
- search (shows www; mismatched, CN: debian.org)
- - svn ²
¹ Refused
- ² Shows alioth; mismatched, CN: alioth.debian.org
Problematic domains:
@@ -36,12 +30,9 @@
- debian.org subdomains:
- - alioth ¹
- - lists.alioth ²
- cdimage (refused)
¹ Works, self-signed
- ² Works, self-signed, mismatched, CN: alioth.debian.org
Partially covered domains:
@@ -60,6 +51,7 @@
- nagios
- nm
- wiki
+ - ...
altnames that don't exist:
@@ -89,7 +81,7 @@
<securecookie host="^nm\.debian\.org$" name=".+" />
- <rule from="^http://((?:bugs|buildd|contributors|db|dsa|ftp-master|lists|munin|nagios|nm|packages|piuparts|release|rt|security-tracker|sso|udd|vote|wiki|www)\.)?debian\.org/"
+ <rule from="^http://((?:anonscm|arch|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lists|munin|nagios|nm|openstack.bm|packages|piuparts|puppet-dashboard|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|udd|vote|wiki|www)\.)?debian\.org/"
to="https://$1debian.org/" />
<rule from="^http://(france|screenshots)\.debian\.net/"
--
1.9.2
More information about the HTTPS-Everywhere-Rules
mailing list