Tomasz Torcz: > On Wed, Feb 15, 2017 at 11:32:28AM +0100, Jean-Baptiste Holcroft wrote: >> Le 2017-02-14 20:10, Kevin Fenzi a écrit : >>> There's no real security advantage here, other than making more traffic >>> on the net encrypted, which I think is a good goal. >>> >>> What do folks think? Doable? To harsh? Pointless? >> >> Do you have any statistics of the number of blog that should migrate? Total >> blog number, total blog with partial https (is it easy to detect?), total >> blog with full https. > > I've tried to estimated this, using http://fedoraplanet.org/heads.html: > > – there are 716 blogs in total > * 284 URLs start with https:// > * 432 URLs start with http:// > > - if I do s/http/https/ and try to access the blogs (of 432 "http://"; ones): > - 225 over https returned content with roughly the same size as returned over http > - 209 weren't accessible by https > - 34 weren't accessible by http, either > > I did not check if those 225 "forced https" contain any mixed content. > > Summary: > - we have 716 blogs on Planet > - we can access (284+225=) 509 of them over https > - by forcing https we would loose ~ 200 blogs > I'd recommend a hybrid deadline, say 6 months from ?today ?($date)? blog is less favored if by Jan 1 2018 it's still not https it gets dropped, this let's people know 1) we are seriously 2) not trying to kill them with an immediate seemingly arb. deadline. Corey W Sheldon M:703.839.6609:|:D:310.909.7672 PGP:|:0x90DD92F222C15DC2:|:0x32C80DA97E25CEFE:|:0x5C9AB5EC2C5CA3DA:| |:https://keybase.io/linuxmodder:|:https://ameridea.github.io:| |:http://community.ameridea.net:|:http://www.ameridea.net A goal is not always meant to be reached, it often serves simply as something to aim at. --Bruce Lee Absorb what is useful, discard what is not, add what is uniquely your own. --Bruce Lee Any man willing to sacrifice security for convenience, is deserving of neither. -- Benjamin Franklin Disclaimer: All correspondence shall be deemed of a sensitive nature, and not re-distributed without good cause or per-approval. All Emails shall be GPG signed or carry a attached vcf/asc blob, any email lacking this shall be treated with healthy skepticism.
begin:vcard fn:Corey W Sheldon n:Sheldon;Corey email;internet:sheldon.corey@xxxxxxxxxxxxxxx:|:csheldon@xxxxxxxxxxxx tel;home:703.839.6609 tel;cell:310.909.7672 x-mozilla-html:TRUE version:2.1 end:vcard
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
