www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Querna (JIRA)" <j...@apache.org>
Subject [jira] Commented: (INFRA-1737) TLS/SSL access to https://www.apache.org/
Date Thu, 10 Dec 2009 05:19:18 GMT

    [ https://issues.apache.org/jira/browse/INFRA-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12788515#action_12788515
] 

Paul Querna commented on INFRA-1737:
------------------------------------

blocking on us getting a *.apache.org certificate.

Roughly $300/year if we went with $cheap-ssl-certs.

potentially might get it donated to us.


> TLS/SSL access to https://www.apache.org/
> -----------------------------------------
>
>                 Key: INFRA-1737
>                 URL: https://issues.apache.org/jira/browse/INFRA-1737
>             Project: Infrastructure
>          Issue Type: Wish
>      Security Level: public(Regular issues) 
>          Components: HTTP Server, Infra Wishlist
>            Reporter: William A. Rowe, Jr.
>
> Right now, certain artifacts, especially ../KEYS and ../package.asc or .../package.md5
> should be able to trust that they have reached www.apache.org (server authentication)
> and are not modified in transit (TLS/SSL crypto).
> Which leaves us looking for a https:// portal to /dist/, especially.  Other considerations
> include the sponsorship and licensing pages where the reader wants additional assurance
> that the information they receive (send $100k US to ...) are authentic.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message