[HTTPS-E Rulesets] pgp.mit.edu ruleset
Yan Zhu
yan at eff.org
Fri May 23 15:43:17 PDT 2014
On 05/23/2014 03:37 PM, Jeff Hammett wrote:
> I think my attachment might have been removed on my most recent email? I added the pgp subdomain to the main mit.xml file on line 131 like in your commit. I also added the pgp subdomain to the “Fully covered subdomains” list on line 75. Plain text below.
>
Nope, just human error. Sorry!
I added pgp to the fully covered domains list, thanks.
(If you format your changes as a git patch, it will preserve git
contributor information like your email and name.)
-Yan
> <!--
> For problematic rules, see MIT-mismatches.xml.
>
>
> Other MIT rulesets:
>
> - Touchstone_Network.xml
>
>
> Nonfunctional mit.edu subdomains:
>
> - arts *
> - artscal **
> - civic (no https)
> - csail (cert: inquir.csail.mit.edu; handshake fails)
> - css.csail *
> - inquir.csail (cert: inquir.csail.mit.edu; handshake fails)
> - www.csail (handshake_failure)
> - development ***
> - events (interruped)
> - executive
> - img (shows web; mismatched, CN: web.mit.edu)
> - web.media
> - mvl (self-signed, expired; 403)
> - ocw (503, Akamai)
> - scratch (times out)
> - student (redirects to idp, valid cert)
> - stuff *
> - tech (cert: the-tech.mit.edu; 401)
> - the-tech (401)
> - web ****
> - xvm ***
> - websis (shows student; mismatched, CN: student.mit.edu)
> - www ****
>
> * No https
> ** Times out
> *** Handshake fails
> **** Redirects to cert_error/
>
>
> Problematic subdomains:
>
> - 3down (works, self-signed)
> - calendar (works, expired 2013-01-27)
> - cluedumps *
> - hacks *
> - ideabank (mismatched, CN: future.mit.edu)
> - itinfo (redirects to ist; mismatched, CN: ist.mit.edu)
> - techblogs ($ works, at least some pages 404, expired, self-signed)
> - techtime (mismatched, CN: calendar.mit.edu)
>
> * Works; mismatched, CN: *.scripts.mit.edu
>
>
>
> Fully covered subdomains:
>
> - alum
> - alumsso
> - athena10
> - ca
> - pdos.csail
> - debathena
> - future
> - giving
> - gsc
> - ideabank (→ future)
> - idp
> - linerva
> - immersion.media
> - mit150
> - odge
> - orgchart
> - pgp
> - picker
> - sipb
> - stellar
> - webpub
> - whereis
> - wikis
>
>
> Mixed image on picker from web
>
> -->
> <ruleset name="Massachusetts Institute of Technology (partial)">
>
> <target host="*.mit.edu" />
> <target host="www.*.mit.edu" />
> <target host="people.csail.mit.edu" />
> <target host="mitpressjournals.org" />
> <target host="www.mitpressjournals.org" />
>
>
> <!-- Observed cookie domains:
>
> - alum
> - .alum
> - alumsso
> - athena10
> - ca
> - cluedumps
> - debathena
> - .future
> - giving
> - gsc
> - idp
> - .ist
> - kb
> - .mit150
> - mitpress
> - scripts
> - stellar
> - student
> - wayf
> - webpub
> - whereis
> - wikis
> -->
> <securecookie host="^(?:alum|alumsso|athena10|ca|debathena|giving|gsc|idp|kb|mitpress|scripts|stellar|webpub|wikis).mit\.edu$" name=".*" />
> <!--securecookie host="^\.alum\.mist\.edu$" name="^S?SESS\w{32}$" /-->
> <!--securecookie host="^\.future\.mist\.edu$" name="^SSESS\w{32}$" /-->
> <!--securecookie host="^\.ist\.mist\.edu$" name="^SSESS\w{32}$" /-->
> <!--securecookie host="^\.mit150\.mist\.edu$" name="^SESS\w{32}$" /-->
> <securecookie host="^wayf\.mit\.edu$" name=".*" />
>
>
> <rule from="^http://mit\.edu/"
> to="https://mit.edu/" />
>
> <rule from="^http://(alum|alumsso|athena10|ca|(?:groups|pdos|people)\.csail|debathena|future|giving|gsc|idp|ist|kb|librar(?:ies|y)|linerva|mail|immersion\.media|mit150|odge|orgchart|pgp|picker|(?:www\.|zyan\.)?scripts|sipb|stellar|wayf|webpub|whereis|wikis)\.mit\.edu/"
> to="https://$1.mit.edu/" />
>
> <rule from="^http://ideabank\.mit\.edu/"
> to="https://future.mit.edu/" />
>
> <rule from="^https?://(?:www\.)?mitpress\.mit\.edu/"
> to="https://mitpress.mit.edu/" />
>
> <rule from="^http://scripts\.mit\.edu:444/"
> to="https://scripts.mit.edu:444/" />
>
> <rule from="^http://(www\.)?mitpressjournals\.org/((?:entityImage|na101|sda|templates|userimages)/|action/(?:registration|showLogin)$)"
> to="https://www.mitpressjournals.org/$2" />
>
> </ruleset>
>
>
> --
> Jeff Hammett
> https://www.jeffhammett.com
>
> On May 23, 2014, at 3:28 PM, Yan Zhu <yan at eff.org> wrote:
>
>> On 05/23/2014 03:25 PM, Jeff Hammett wrote:
>>> This is my first time writing/editing any https everywhere rules, but the attached file seems to work and doesn’t produce any errors.
>>>
>>
>> yep, your rule is technically correct, but it's easier to keep rules
>> organized if they're grouped by domain. I added it here:
>> https://github.com/EFForg/https-everywhere/commit/8ba605d416b73d859bc2a9a700c81bd26902b325.
>>
>>>
>>>
>>>
>>>
>>> --
>>> Jeff Hammett
>>> https://www.jeffhammett.com
>>>
>>> On May 23, 2014, at 2:39 PM, Yan Zhu <yan at eff.org> wrote:
>>>
>>>> On 05/22/2014 04:04 PM, Jeff Hammett wrote:
>>>>> I tried to send this yesterday, but it didn’t seem to go through.
>>>>>
>>>>> I saw the note about not merging new rulesets until the 4.0 release, but I figured I’d sent this in now anyways since I didn’t see it in the git repository.
>>>>>
>>>>> This is my first time writing a rule, but it seems to work without producing any errors as far as I can tell.
>>>>
>>>> Thanks! Could you add this to the main MIT.edu ruleset instead of making
>>>> a separate one?
>>>>
>>>>>
>>>>> <ruleset name="pgp.mit.edu">
>>>>> <target host="pgp.mit.edu" />
>>>>> <rule from="^http://pgp\.mit\.edu/" to="https://pgp.mit.edu/"/>
>>>>> </ruleset>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Jeff Hammett
>>>>> https://www.jeffhammett.com
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Yan Zhu <yan at eff.org>, <yan at torproject.org>
>>>> Staff Technologist
>>>> Electronic Frontier Foundation https://www.eff.org
>>>> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
>>>>
>>>
>>
>>
>> --
>> Yan Zhu <yan at eff.org>, <yan at torproject.org>
>> Staff Technologist
>> Electronic Frontier Foundation https://www.eff.org
>> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
>
>
--
Yan Zhu <yan at eff.org>, <yan at torproject.org>
Staff Technologist
Electronic Frontier Foundation https://www.eff.org
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140523/4aedf078/attachment.sig>
More information about the HTTPS-Everywhere-Rules
mailing list