[HTTPS-E Rulesets] pgp.mit.edu ruleset
Jeff Hammett
jeff at jeffhammett.com
Fri May 23 15:37:30 PDT 2014
I think my attachment might have been removed on my most recent email? I added the pgp subdomain to the main mit.xml file on line 131 like in your commit. I also added the pgp subdomain to the “Fully covered subdomains” list on line 75. Plain text below.
<!--
For problematic rules, see MIT-mismatches.xml.
Other MIT rulesets:
- Touchstone_Network.xml
Nonfunctional mit.edu subdomains:
- arts *
- artscal **
- civic (no https)
- csail (cert: inquir.csail.mit.edu; handshake fails)
- css.csail *
- inquir.csail (cert: inquir.csail.mit.edu; handshake fails)
- www.csail (handshake_failure)
- development ***
- events (interruped)
- executive
- img (shows web; mismatched, CN: web.mit.edu)
- web.media
- mvl (self-signed, expired; 403)
- ocw (503, Akamai)
- scratch (times out)
- student (redirects to idp, valid cert)
- stuff *
- tech (cert: the-tech.mit.edu; 401)
- the-tech (401)
- web ****
- xvm ***
- websis (shows student; mismatched, CN: student.mit.edu)
- www ****
* No https
** Times out
*** Handshake fails
**** Redirects to cert_error/
Problematic subdomains:
- 3down (works, self-signed)
- calendar (works, expired 2013-01-27)
- cluedumps *
- hacks *
- ideabank (mismatched, CN: future.mit.edu)
- itinfo (redirects to ist; mismatched, CN: ist.mit.edu)
- techblogs ($ works, at least some pages 404, expired, self-signed)
- techtime (mismatched, CN: calendar.mit.edu)
* Works; mismatched, CN: *.scripts.mit.edu
Fully covered subdomains:
- alum
- alumsso
- athena10
- ca
- pdos.csail
- debathena
- future
- giving
- gsc
- ideabank (→ future)
- idp
- linerva
- immersion.media
- mit150
- odge
- orgchart
- pgp
- picker
- sipb
- stellar
- webpub
- whereis
- wikis
Mixed image on picker from web
-->
<ruleset name="Massachusetts Institute of Technology (partial)">
<target host="*.mit.edu" />
<target host="www.*.mit.edu" />
<target host="people.csail.mit.edu" />
<target host="mitpressjournals.org" />
<target host="www.mitpressjournals.org" />
<!-- Observed cookie domains:
- alum
- .alum
- alumsso
- athena10
- ca
- cluedumps
- debathena
- .future
- giving
- gsc
- idp
- .ist
- kb
- .mit150
- mitpress
- scripts
- stellar
- student
- wayf
- webpub
- whereis
- wikis
-->
<securecookie host="^(?:alum|alumsso|athena10|ca|debathena|giving|gsc|idp|kb|mitpress|scripts|stellar|webpub|wikis).mit\.edu$" name=".*" />
<!--securecookie host="^\.alum\.mist\.edu$" name="^S?SESS\w{32}$" /-->
<!--securecookie host="^\.future\.mist\.edu$" name="^SSESS\w{32}$" /-->
<!--securecookie host="^\.ist\.mist\.edu$" name="^SSESS\w{32}$" /-->
<!--securecookie host="^\.mit150\.mist\.edu$" name="^SESS\w{32}$" /-->
<securecookie host="^wayf\.mit\.edu$" name=".*" />
<rule from="^http://mit\.edu/"
to="https://mit.edu/" />
<rule from="^http://(alum|alumsso|athena10|ca|(?:groups|pdos|people)\.csail|debathena|future|giving|gsc|idp|ist|kb|librar(?:ies|y)|linerva|mail|immersion\.media|mit150|odge|orgchart|pgp|picker|(?:www\.|zyan\.)?scripts|sipb|stellar|wayf|webpub|whereis|wikis)\.mit\.edu/"
to="https://$1.mit.edu/" />
<rule from="^http://ideabank\.mit\.edu/"
to="https://future.mit.edu/" />
<rule from="^https?://(?:www\.)?mitpress\.mit\.edu/"
to="https://mitpress.mit.edu/" />
<rule from="^http://scripts\.mit\.edu:444/"
to="https://scripts.mit.edu:444/" />
<rule from="^http://(www\.)?mitpressjournals\.org/((?:entityImage|na101|sda|templates|userimages)/|action/(?:registration|showLogin)$)"
to="https://www.mitpressjournals.org/$2" />
</ruleset>
--
Jeff Hammett
https://www.jeffhammett.com
On May 23, 2014, at 3:28 PM, Yan Zhu <yan at eff.org> wrote:
> On 05/23/2014 03:25 PM, Jeff Hammett wrote:
>> This is my first time writing/editing any https everywhere rules, but the attached file seems to work and doesn’t produce any errors.
>>
>
> yep, your rule is technically correct, but it's easier to keep rules
> organized if they're grouped by domain. I added it here:
> https://github.com/EFForg/https-everywhere/commit/8ba605d416b73d859bc2a9a700c81bd26902b325.
>
>>
>>
>>
>>
>> --
>> Jeff Hammett
>> https://www.jeffhammett.com
>>
>> On May 23, 2014, at 2:39 PM, Yan Zhu <yan at eff.org> wrote:
>>
>>> On 05/22/2014 04:04 PM, Jeff Hammett wrote:
>>>> I tried to send this yesterday, but it didn’t seem to go through.
>>>>
>>>> I saw the note about not merging new rulesets until the 4.0 release, but I figured I’d sent this in now anyways since I didn’t see it in the git repository.
>>>>
>>>> This is my first time writing a rule, but it seems to work without producing any errors as far as I can tell.
>>>
>>> Thanks! Could you add this to the main MIT.edu ruleset instead of making
>>> a separate one?
>>>
>>>>
>>>> <ruleset name="pgp.mit.edu">
>>>> <target host="pgp.mit.edu" />
>>>> <rule from="^http://pgp\.mit\.edu/" to="https://pgp.mit.edu/"/>
>>>> </ruleset>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Jeff Hammett
>>>> https://www.jeffhammett.com
>>>>
>>>>
>>>
>>>
>>> --
>>> Yan Zhu <yan at eff.org>, <yan at torproject.org>
>>> Staff Technologist
>>> Electronic Frontier Foundation https://www.eff.org
>>> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
>>>
>>
>
>
> --
> Yan Zhu <yan at eff.org>, <yan at torproject.org>
> Staff Technologist
> Electronic Frontier Foundation https://www.eff.org
> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
More information about the HTTPS-Everywhere-Rules
mailing list