You are viewing a plain text version of this content. The canonical link for it is here.
Posted to infrastructure-issues@apache.org by "William A. Rowe, Jr. (JIRA)" <ji...@apache.org> on 2008/09/25 03:37:44 UTC
[jira] Created: (INFRA-1737) TLS/SSL access to
https://www.apache.org/
TLS/SSL access to https://www.apache.org/
-----------------------------------------
Key: INFRA-1737
URL: https://issues.apache.org/jira/browse/INFRA-1737
Project: Infrastructure
Issue Type: Wish
Security Level: public (Regular issues)
Components: HTTP Server, Infra Wishlist
Reporter: William A. Rowe, Jr.
Right now, certain artifacts, especially ../KEYS and ../package.asc or .../package.md5
should be able to trust that they have reached www.apache.org (server authentication)
and are not modified in transit (TLS/SSL crypto).
Which leaves us looking for a https:// portal to /dist/, especially. Other considerations
include the sponsorship and licensing pages where the reader wants additional assurance
that the information they receive (send $100k US to ...) are authentic.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (INFRA-1737) TLS/SSL access to
https://www.apache.org/
Posted by "#asfinfra IRC Bot (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/INFRA-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795393#action_12795393 ]
#asfinfra IRC Bot commented on INFRA-1737:
------------------------------------------
<pquerna> done
> TLS/SSL access to https://www.apache.org/
> -----------------------------------------
>
> Key: INFRA-1737
> URL: https://issues.apache.org/jira/browse/INFRA-1737
> Project: Infrastructure
> Issue Type: Wish
> Security Level: public(Regular issues)
> Components: HTTP Server, Infra Wishlist
> Reporter: William A. Rowe, Jr.
>
> Right now, certain artifacts, especially ../KEYS and ../package.asc or .../package.md5
> should be able to trust that they have reached www.apache.org (server authentication)
> and are not modified in transit (TLS/SSL crypto).
> Which leaves us looking for a https:// portal to /dist/, especially. Other considerations
> include the sponsorship and licensing pages where the reader wants additional assurance
> that the information they receive (send $100k US to ...) are authentic.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (INFRA-1737) TLS/SSL access to
https://www.apache.org/
Posted by "#asfinfra IRC Bot (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/INFRA-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
#asfinfra IRC Bot closed INFRA-1737.
------------------------------------
Resolution: Fixed
> TLS/SSL access to https://www.apache.org/
> -----------------------------------------
>
> Key: INFRA-1737
> URL: https://issues.apache.org/jira/browse/INFRA-1737
> Project: Infrastructure
> Issue Type: Wish
> Security Level: public(Regular issues)
> Components: HTTP Server, Infra Wishlist
> Reporter: William A. Rowe, Jr.
>
> Right now, certain artifacts, especially ../KEYS and ../package.asc or .../package.md5
> should be able to trust that they have reached www.apache.org (server authentication)
> and are not modified in transit (TLS/SSL crypto).
> Which leaves us looking for a https:// portal to /dist/, especially. Other considerations
> include the sponsorship and licensing pages where the reader wants additional assurance
> that the information they receive (send $100k US to ...) are authentic.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (INFRA-1737) TLS/SSL access to
https://www.apache.org/
Posted by "Paul Querna (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/INFRA-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12788515#action_12788515 ]
Paul Querna commented on INFRA-1737:
------------------------------------
blocking on us getting a *.apache.org certificate.
Roughly $300/year if we went with $cheap-ssl-certs.
potentially might get it donated to us.
> TLS/SSL access to https://www.apache.org/
> -----------------------------------------
>
> Key: INFRA-1737
> URL: https://issues.apache.org/jira/browse/INFRA-1737
> Project: Infrastructure
> Issue Type: Wish
> Security Level: public(Regular issues)
> Components: HTTP Server, Infra Wishlist
> Reporter: William A. Rowe, Jr.
>
> Right now, certain artifacts, especially ../KEYS and ../package.asc or .../package.md5
> should be able to trust that they have reached www.apache.org (server authentication)
> and are not modified in transit (TLS/SSL crypto).
> Which leaves us looking for a https:// portal to /dist/, especially. Other considerations
> include the sponsorship and licensing pages where the reader wants additional assurance
> that the information they receive (send $100k US to ...) are authentic.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.