openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: updates.openoffice.org
Date Tue, 04 Jun 2013 22:05:22 GMT
On Tue, Jun 4, 2013 at 5:59 PM, janI <jani@apache.org> wrote:
> On 4 June 2013 22:36, Andrea Pescetti <pescetti@apache.org> wrote:
>
>> On 03/06/2013 Rob Weir wrote:
>>
>>> I think the concern is this:
>>> 1) We want SSL for 4.0.http://update.openoffice.**org<http://update.openoffice.org>
is not HTTPS.
>>>
>>> 2) The URL https://ooo-site.openoffice.**apache.org<https://ooo-site.openoffice.apache.org>
supports SSL, but is
>>> not considered "long term stable".  The URL is an artifact of the CMS
>>> 3) We're looking for a stable URL.  One could be
>>> https://updates.openoffice.org**, but that requires an SSL cert for
>>> *.openoffice.org.  But will that be supported in time for the AOO 4.0
>>> release?
>>> 4) Backup plan is updates.openoffice.apache.org, which could be
>>> supported via SSL today, using the *.apache.org cert.  If we do that
>>> we'd want to map that to its own CMS dir in SVN. so it can be updated
>>> and published via the CMS.
>>>
>>
>> This is mostly correct, except the fact (in #2 and #4) that the current
>> certificates only support x.apache.org and not x.y.apache.org: so
>> https://ooo-site.apache.org is what is in the sources right now (well,
>> the last time I checked) and https://openoffice-updates.**apache.org<https://openoffice-updates.apache.org>(or
something like that) should be used for the backup plan in #4.
>>
>
> Hi
>
> I am confused, it seem we nearly all agree on
> https://updates.openoffice.orgbut not on the directory.
>
> The order for the cert is being processed, when the cert arrives it needs
> to be implemented on erebus-sll (our https: proxy), and we (infra) need to
> do some updates on the aoo servers.
>
> In order to do this work, I need:
>
> 1) which url (e.g. https://updates.openoffice.org)
> 2) should relate to which directory in svn.
>
> The last mails contains different proposal ranging from dont do it for 4.0
> to different dirs, that is something I cannot implement.
>
> We can also decide to forget it for https:updates.*, but I need a single
> decision to be able to implement it.
>

Is the cert already here?  Or do we have a few weeks to decide?  I'd
say, don't let this decision get in the way of deploying the cert and
enabling it for the website, wikis, forums, etc.   The update site
doesn't need to be enabled until shortly before AOO 4.0 is released.

And depending on when the cert arrives, we might not use it at all for
4.0 updates.  If it comes too late we'll just use an apache.org
address.   So we're really waiting for Infra on this, not the other
way around.  We need an estimate for when the cert will be purchased
so we can decide whether or not it will be used for 4.0 updates.

-Rob


> rgds
> jan I.
>
>>
>> Regards,
>>   Andrea.
>>
>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.**apache.org<dev-unsubscribe@openoffice.apache.org>
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org


Mime
View raw message