Re: people.debian.org will move from ravel to paradis and become HTTPS only

To: debian-admin@lists.debian.org, debian-devel@lists.debian.org
Subject: Re: people.debian.org will move from ravel to paradis and become HTTPS only
From: Peter Palfrader <weasel@debian.org>
Date: Thu, 24 Jul 2014 07:58:26 +0200
Message-id: <[🔎] 20140724055825.GH23054@anguilla.noreply.org>
Mail-followup-to: debian-admin@lists.debian.org, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20140721174418.GA9347@jwilk.net>
References: <20140713201310.GA27144@ftbfs.de> <[🔎] 66954276.LP9JdarkQP@grep.be> <[🔎] 877g39f4rs.fsf@xoog.err.no> <[🔎] 1537194.az5tucaBzH@grep.be> <[🔎] 1405841035.16130.143560421.61491AAC@webmail.messagingengine.com> <[🔎] 20140720100747.GJ626@anguilla.noreply.org> <[🔎] 20140721174418.GA9347@jwilk.net>

On Mon, 21 Jul 2014, Jakub Wilk wrote:

> * Peter Palfrader <weasel@debian.org>, 2014-07-20, 12:07:
> >we have been moving towards https for most services over the last
> >12 months.
> 
> Is that intentional that the http->https redirect for bugs.d.o is
> only temporary (302)? Should we update devscripts and
> python-debianbts to use HTTPS for accessing this host?

302 often is the default, and at least when changing configs it's a lot
more forgiving to mistakes than 301.  And then nobody changes it.  We
probably have a zoo of 301 and 302s all over.

It's not entirely clear which host you mean by "this", but if it's bugs
then I'd say yes.  If it's something else that sends HSTS headers, then
also yes.  If it's something else entirely, ask again?

> Do you plan to enable HTTPS on incoming.d.o and lintian.d.o?

Lintian is now done.  We haven't thought about incoming.debian.org yet -
it seems a bit of a strange thing anyway.  Who uses that right now, with
no obvious means at all to verify the authenticity of binary packages?

Cheers,
-- 
                           |  .''`.       ** Debian **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/

Reply to:

References:
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Wouter Verhelst <w@uter.be>
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Wouter Verhelst <w@uter.be>
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Ondřej Surý <ondrej@sury.org>
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Peter Palfrader <weasel@debian.org>
- Re: people.debian.org will move from ravel to paradis and become HTTPS only
  - From: Jakub Wilk <jwilk@debian.org>

Prev by Date: Re: people.debian.org will move from ravel to paradis and become HTTPS only
Next by Date: Re: systemd now appears to be only possible init system in testing
Previous by thread: Re: people.debian.org will move from ravel to paradis and become HTTPS only
Next by thread: Re: people.debian.org will move from ravel to paradis and become HTTPS only
Index(es):
- Date
- Thread