[HTTPS-E Rulesets] pgp.mit.edu ruleset

Yan Zhu yan at eff.org
Fri May 23 15:43:17 PDT 2014 

On 05/23/2014 03:37 PM, Jeff Hammett wrote:
> I think my attachment might have been removed on my most recent email? I added the pgp subdomain to the main mit.xml file on line 131 like in your commit. I also added the pgp subdomain to the “Fully covered subdomains” list on line 75. Plain text below.
> 

Nope, just human error. Sorry!

I added pgp to the fully covered domains list, thanks.

(If you format your changes as a git patch, it will preserve git
contributor information like your email and name.)

-Yan

> <!--
> 	For problematic rules, see MIT-mismatches.xml.
> 
> 
> 	Other MIT rulesets:
> 
> 		- Touchstone_Network.xml
> 
> 
> 	Nonfunctional mit.edu subdomains:
> 
> 		- arts *
> 		- artscal **
> 		- civic		(no https)
> 		- csail		(cert: inquir.csail.mit.edu; handshake fails)
> 		- css.csail *
> 		- inquir.csail	(cert: inquir.csail.mit.edu; handshake fails)
> 		- www.csail	(handshake_failure)
> 		- development ***
> 		- events	(interruped)
> 		- executive
> 		- img		(shows web; mismatched, CN: web.mit.edu)
> 		- web.media
> 		- mvl		(self-signed, expired; 403)
> 		- ocw		(503, Akamai)
> 		- scratch	(times out)
> 		- student	(redirects to idp, valid cert)
> 		- stuff *
> 		- tech		(cert: the-tech.mit.edu; 401)
> 		- the-tech	(401)
> 		- web ****
> 		- xvm ***
> 		- websis	(shows student; mismatched, CN: student.mit.edu)
> 		- www ****
> 
> 	* No https
> 	** Times out
> 	*** Handshake fails
> 	**** Redirects to cert_error/
> 
> 
> 	Problematic subdomains:
> 
> 		- 3down		(works, self-signed)
> 		- calendar	(works, expired 2013-01-27)
> 		- cluedumps *
> 		- hacks *
> 		- ideabank	(mismatched, CN: future.mit.edu)
> 		- itinfo	(redirects to ist; mismatched, CN: ist.mit.edu)
> 		- techblogs	($ works, at least some pages 404, expired, self-signed)
> 		- techtime	(mismatched, CN: calendar.mit.edu)
> 
> 	* Works; mismatched, CN: *.scripts.mit.edu
> 
> 
> 
> 	Fully covered subdomains:
> 
> 		- alum
> 		- alumsso
> 		- athena10
> 		- ca
> 		- pdos.csail
> 		- debathena
> 		- future
> 		- giving
> 		- gsc
> 		- ideabank	(→ future)
> 		- idp
> 		- linerva
> 		- immersion.media
> 		- mit150
> 		- odge
> 		- orgchart
> 		- pgp
> 		- picker
> 		- sipb
> 		- stellar
> 		- webpub
> 		- whereis
> 		- wikis
> 
> 
> 	Mixed image on picker from web
> 
> -->
> <ruleset name="Massachusetts Institute of Technology (partial)">
> 
> 	<target host="*.mit.edu" />
> 	<target host="www.*.mit.edu" />
> 	<target host="people.csail.mit.edu" />
> 	<target host="mitpressjournals.org" />
> 	<target host="www.mitpressjournals.org" />
> 
> 
> 	<!--	Observed cookie domains:
> 
> 			- alum
> 			- .alum
> 			- alumsso
> 			- athena10
> 			- ca
> 			- cluedumps
> 			- debathena
> 			- .future
> 			- giving
> 			- gsc
> 			- idp
> 			- .ist
> 			- kb
> 			- .mit150
> 			- mitpress
> 			- scripts
> 			- stellar
> 			- student
> 			- wayf
> 			- webpub
> 			- whereis
> 			- wikis
> 				-->
> 	<securecookie host="^(?:alum|alumsso|athena10|ca|debathena|giving|gsc|idp|kb|mitpress|scripts|stellar|webpub|wikis).mit\.edu$" name=".*" />
> 	<!--securecookie host="^\.alum\.mist\.edu$" name="^S?SESS\w{32}$" /-->
> 	<!--securecookie host="^\.future\.mist\.edu$" name="^SSESS\w{32}$" /-->
> 	<!--securecookie host="^\.ist\.mist\.edu$" name="^SSESS\w{32}$" /-->
> 	<!--securecookie host="^\.mit150\.mist\.edu$" name="^SESS\w{32}$" /-->
> 	<securecookie host="^wayf\.mit\.edu$" name=".*" />
> 
> 
> 	<rule from="^http://mit\.edu/"
> 		to="https://mit.edu/" />
> 
> 	<rule from="^http://(alum|alumsso|athena10|ca|(?:groups|pdos|people)\.csail|debathena|future|giving|gsc|idp|ist|kb|librar(?:ies|y)|linerva|mail|immersion\.media|mit150|odge|orgchart|pgp|picker|(?:www\.|zyan\.)?scripts|sipb|stellar|wayf|webpub|whereis|wikis)\.mit\.edu/"
> 		to="https://$1.mit.edu/" />
> 
> 	<rule from="^http://ideabank\.mit\.edu/"
> 		to="https://future.mit.edu/" />
> 
> 	<rule from="^https?://(?:www\.)?mitpress\.mit\.edu/"
> 		to="https://mitpress.mit.edu/" />
> 
> 	<rule from="^http://scripts\.mit\.edu:444/"
> 		to="https://scripts.mit.edu:444/" />
> 
> 	<rule from="^http://(www\.)?mitpressjournals\.org/((?:entityImage|na101|sda|templates|userimages)/|action/(?:registration|showLogin)$)"
> 		to="https://www.mitpressjournals.org/$2" />
> 
> </ruleset>
> 
> 
> --
> Jeff Hammett
> https://www.jeffhammett.com
> 
> On May 23, 2014, at 3:28 PM, Yan Zhu <yan at eff.org> wrote:
> 
>> On 05/23/2014 03:25 PM, Jeff Hammett wrote:
>>> This is my first time writing/editing any https everywhere rules, but the attached file seems to work and doesn’t produce any errors.
>>>
>>
>> yep, your rule is technically correct, but it's easier to keep rules
>> organized if they're grouped by domain. I added it here:
>> https://github.com/EFForg/https-everywhere/commit/8ba605d416b73d859bc2a9a700c81bd26902b325.
>>
>>>
>>>
>>>
>>>
>>> --
>>> Jeff Hammett
>>> https://www.jeffhammett.com
>>>
>>> On May 23, 2014, at 2:39 PM, Yan Zhu <yan at eff.org> wrote:
>>>
>>>> On 05/22/2014 04:04 PM, Jeff Hammett wrote:
>>>>> I tried to send this yesterday, but it didn’t seem to go through.
>>>>>
>>>>> I saw the note about not merging new rulesets until the 4.0 release, but I figured I’d sent this in now anyways since I didn’t see it in the git repository.
>>>>>
>>>>> This is my first time writing a rule, but it seems to work without producing any errors as far as I can tell.
>>>>
>>>> Thanks! Could you add this to the main MIT.edu ruleset instead of making
>>>> a separate one?
>>>>
>>>>>
>>>>> <ruleset name="pgp.mit.edu">
>>>>> <target host="pgp.mit.edu" />
>>>>> <rule from="^http://pgp\.mit\.edu/" to="https://pgp.mit.edu/"/>
>>>>> </ruleset>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Jeff Hammett
>>>>> https://www.jeffhammett.com
>>>>>
>>>>>
>>>>
>>>>
>>>> -- 
>>>> Yan Zhu  <yan at eff.org>, <yan at torproject.org>
>>>> Staff Technologist
>>>> Electronic Frontier Foundation                  https://www.eff.org
>>>> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x134
>>>>
>>>
>>
>>
>> -- 
>> Yan Zhu  <yan at eff.org>, <yan at torproject.org>
>> Staff Technologist
>> Electronic Frontier Foundation                  https://www.eff.org
>> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x134
> 
> 


-- 
Yan Zhu  <yan at eff.org>, <yan at torproject.org>
Staff Technologist
Electronic Frontier Foundation                  https://www.eff.org
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x134

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140523/4aedf078/attachment.sig>

More information about the HTTPS-Everywhere-Rules mailing list