[arch-dev-public] [RFC] Add archlinux.org domain to HSTS Preload list
pierre at archlinux.de
Thu Jan 5 16:26:44 UTC 2017
On 04.01.2017 20:43, Giancarlo Razzolini wrote:
> Hi All,
> With some improvements we have been doing to the infrastructure,
> reached a point were practically everything on archlinux.org is
> using TLS/SSL.
> I have run a sslyze test on every of our DNS entries and the ones
> did not answered are supposed to. In case you guys are interested,
> putting links to the tests I performed in json format in the end of
> My question is, should we add archlinux.org to the HSTS preload
> Or, better yet, should we ever host something *not* using TLS/SSL?
> Giancarlo Razzolini
>  Full test, quite big: https://paste.xinu.at/UOII
>  Failed hosts: https://paste.xinu.at/5srl/
>  https://hstspreload.org/
In general a great idea. Our Torrent tracker does not support https as
it seems: http://tracker.archlinux.org:6969/stat I haven't looked into
it yet though. Port 443 redirects to bbs which is strange...
Pierre Schmitz, https://pierre-schmitz.com
More information about the arch-dev-public