openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: updates.openoffice.org
Date Tue, 04 Jun 2013 22:20:52 GMT
I should mention also that we have a BZ issue tracking this required
change.  It is categorized as a Release Blocker, so we don't forget
it:

https://issues.apache.org/ooo/show_bug.cgi?id=122444

-Rob

On Tue, Jun 4, 2013 at 6:05 PM, Rob Weir <robweir@apache.org> wrote:
> On Tue, Jun 4, 2013 at 5:59 PM, janI <jani@apache.org> wrote:
>> On 4 June 2013 22:36, Andrea Pescetti <pescetti@apache.org> wrote:
>>
>>> On 03/06/2013 Rob Weir wrote:
>>>
>>>> I think the concern is this:
>>>> 1) We want SSL for 4.0.http://update.openoffice.**org<http://update.openoffice.org>
is not HTTPS.
>>>>
>>>> 2) The URL https://ooo-site.openoffice.**apache.org<https://ooo-site.openoffice.apache.org>
supports SSL, but is
>>>> not considered "long term stable".  The URL is an artifact of the CMS
>>>> 3) We're looking for a stable URL.  One could be
>>>> https://updates.openoffice.org**, but that requires an SSL cert for
>>>> *.openoffice.org.  But will that be supported in time for the AOO 4.0
>>>> release?
>>>> 4) Backup plan is updates.openoffice.apache.org, which could be
>>>> supported via SSL today, using the *.apache.org cert.  If we do that
>>>> we'd want to map that to its own CMS dir in SVN. so it can be updated
>>>> and published via the CMS.
>>>>
>>>
>>> This is mostly correct, except the fact (in #2 and #4) that the current
>>> certificates only support x.apache.org and not x.y.apache.org: so
>>> https://ooo-site.apache.org is what is in the sources right now (well,
>>> the last time I checked) and https://openoffice-updates.**apache.org<https://openoffice-updates.apache.org>(or
something like that) should be used for the backup plan in #4.
>>>
>>
>> Hi
>>
>> I am confused, it seem we nearly all agree on
>> https://updates.openoffice.orgbut not on the directory.
>>
>> The order for the cert is being processed, when the cert arrives it needs
>> to be implemented on erebus-sll (our https: proxy), and we (infra) need to
>> do some updates on the aoo servers.
>>
>> In order to do this work, I need:
>>
>> 1) which url (e.g. https://updates.openoffice.org)
>> 2) should relate to which directory in svn.
>>
>> The last mails contains different proposal ranging from dont do it for 4.0
>> to different dirs, that is something I cannot implement.
>>
>> We can also decide to forget it for https:updates.*, but I need a single
>> decision to be able to implement it.
>>
>
> Is the cert already here?  Or do we have a few weeks to decide?  I'd
> say, don't let this decision get in the way of deploying the cert and
> enabling it for the website, wikis, forums, etc.   The update site
> doesn't need to be enabled until shortly before AOO 4.0 is released.
>
> And depending on when the cert arrives, we might not use it at all for
> 4.0 updates.  If it comes too late we'll just use an apache.org
> address.   So we're really waiting for Infra on this, not the other
> way around.  We need an estimate for when the cert will be purchased
> so we can decide whether or not it will be used for 4.0 updates.
>
> -Rob
>
>
>> rgds
>> jan I.
>>
>>>
>>> Regards,
>>>   Andrea.
>>>
>>>
>>> ------------------------------**------------------------------**---------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.**apache.org<dev-unsubscribe@openoffice.apache.org>
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>
>>>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org


Mime
View raw message