[arch-dev-public] [RFC] Add archlinux.org domain to HSTS Preload list
grazzolini at archlinux.org
Wed Jan 4 19:43:31 UTC 2017
With some improvements we have been doing to the infrastructure, we've
reached a point were practically everything on archlinux.org is hosted
I have run a sslyze test on every of our DNS entries and the ones that
did not answered are supposed to. In case you guys are interested, I'm
putting links to the tests I performed in json format in the end of the
My question is, should we add archlinux.org to the HSTS preload list?
Or, better yet, should we ever host something *not* using TLS/SSL?
 Full test, quite big: https://paste.xinu.at/UOII
 Failed hosts: https://paste.xinu.at/5srl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 870 bytes
Desc: not available
More information about the arch-dev-public