hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: [Legal] publicsuffix.org test data; was Re: CVE-2014-3577 postmortem
Date Thu, 28 Aug 2014 19:19:01 GMT
On 28 August 2014 20:11, Oleg Kalnichevski <olegk@apache.org> wrote:
> On Thu, 2014-08-28 at 16:51 +0100, sebb wrote:
>> On 28 August 2014 10:20, Oleg Kalnichevski <olegk@apache.org> wrote:
>> > On Thu, 2014-08-21 at 17:50 +0200, Dirk-Willem van Gulik wrote:
>> >> Op 21 aug. 2014, om 15:26 heeft Oleg Kalnichevski <olegk@apache.org>
het volgende geschreven:
>> >>
>> >> > I have pretty much completely rewritten every bit of code related to
>> >> > hostname verification in SVN trunk.
>> >> >
>> >> > https://github.com/apache/httpclient/tree/268d6cc113b305addc4a31a70bd7c3b6d545e337/httpclient/src/main/java/org/apache/http/conn/ssl
>> >> >
>> >> > I would truly appreciate someone doing a peer review of the changes
>> >> > and / or giving me feedback with regards to further improvements.
>> >>
>> >> Looks good. Couple of thoughts
>> >>
>> >> - BAD_COUNTRY_2LDS, BAD_COUNTRY_WILDCARD_PATTERN
>> >>
>> >> My guess is that longer term you will get too many specials - and the end
game is parsing something like https://publicsuffix.org/ and specifically
>> >>
>> >>       https://publicsuffix.org/list/effective_tld_names.dat
>> >>
>> >
>> > Folks
>> >
>> > It turns out that we already have a substantial amount of code for
>> > publicsuffix.org support in our 'cookie' module. It was contributed by
>> > Ortwin 'Odi' Glueck some while ago.
>> >
>> > I would like to enhance the existing implementation and also extend its
>> > test coverage.
>> >
>> > There is a set of test scenarios distributed by Mozilla, which I would
>> > like to re-use
>> >
>> > http://mxr.mozilla.org/mozilla-central/source/netwerk/test/unit/data/test_psl.txt?raw=1
>> >
>> > It is distributed as Creative Commons zero copyright. We can incorporate
>> > those test scenarios. Do we need to add attribution clause to our NOTICE
>> > and Zero Copyright license to our LICENSE file?
>> >
>> > What do you think?
>>
>> The rule for adding stuff to NOTICE is here:
>>
>> http://www.apache.org/legal/resolved.html#required-third-party-notices
>>
>> What is the exact wording of the license used by Mozilla?
>> Is there a URL for it?
>>
>
> The license can be found here:
>
> http://creativecommons.org/publicdomain/zero/1.0/

That's not actually the license, nor does the link to the full text
appear to be the text of the license.

I was after the link to the license details on the Mozilla site.

> Oleg
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message