On 04.01.2017 20:43, Giancarlo Razzolini wrote:
Hi All,
With some improvements we have been doing to the infrastructure, we've reached a point were practically everything on archlinux.org is hosted using TLS/SSL.
I have run a sslyze test on every of our DNS entries and the ones that did not answered are supposed to. In case you guys are interested, I'm putting links to the tests I performed in json format in the end of the email.[0][1]
My question is, should we add archlinux.org to the HSTS preload list?[2] Or, better yet, should we ever host something *not* using TLS/SSL? Cheers, Giancarlo Razzolini
[0] Full test, quite big: https://paste.xinu.at/UOII [1] Failed hosts: https://paste.xinu.at/5srl/ [2] https://hstspreload.org/
In general a great idea. Our Torrent tracker does not support https as it seems: http://tracker.archlinux.org:6969/stat I haven't looked into it yet though. Port 443 redirects to bbs which is strange... Greetings, Pierre -- Pierre Schmitz, https://pierre-schmitz.com