----- Original Message ----- From: "Joel jaeggli" <joelja@xxxxxxxxx> To: "Doug Barton" <dougb@xxxxxxxxxxxxx> Cc: "t.petch" <daedulus@xxxxxxxxxxxxx>; "IETF Discussion" <ietf@xxxxxxxx>; <webmaster@xxxxxxxx> Sent: Sunday, August 28, 2011 9:55 PM > On 8/28/11 11:31 , Joel jaeggli wrote: > > On 8/26/11 14:00 , Doug Barton wrote: > >> Joel, > > > > "it doesn't" means that the mailing list archives do not require the use > > of https, if the entry point urls point to the https server that bad in > > this case... > > To be still more specific the mailman archives do not. the ibin archive > does. Joel Um, I do not understand that statement; mailman I know, ibin I do not, but either way, I am an archive user, not an e-mail administrator, and while I can access some archives with http:, notably from the web page for specific WG, others I cannot, notably from http://www.ietf.org/list/nonwg.html which is the only way I can access some of them, as far as I know: and on that page, there are some 250 html anchors with a scheme of 'https:' Edit the scheme to http: and the web site puts the 's' back in so either way, I am stuffed. Tom Petch > > If one has forgotten to renew a certificate before it expires, it takes > > time to get a new one issued. as an operational pratice is is necessary > > to track the issue and expiration dates of such resources. > > > >> I don't know what "It doesn't" is supposed to mean, but visiting > >> https://www.ietf.org/* today with firefox it is still reporting that the > >> certificate expired yesterday. > >> > >> Given the volume of discussion about the topic starting yesterday when > >> the problem started one could easily make a case for "it's still broken" > >> being a significant "issue." > >> > >> cc'ing the address listed as "Report Website Errors" on the home page. > >> > >> > >> Doug > >> > >> > >> On 08/26/2011 07:44, Joel jaeggli wrote: > >>> It doesn't... > >>> > >>> http://www.ietf.org/mail-archive/web/v6ops/current/maillist.html > >>> > >>> On 8/26/11 00:18 , t.petch wrote: > >>>> Why does the IETF website consider it necessary to use TLS to access the mailing > >>>> list archives, when they all appeared without it, or any other security, in the > >>>> first place? > >>>> > >>>> Besides all the usual hassle of TLS, today the certificate is reported by IE as > >>>> expired, which sort of sums it up. > >>>> > >>>> Tom Petch > >>>> > >>>> _______________________________________________ > >>>> Ietf mailing list > >>>> Ietf@xxxxxxxx > >>>> https://www.ietf.org/mailman/listinfo/ietf > >>>> > >>> > >>> _______________________________________________ > >>> Ietf mailing list > >>> Ietf@xxxxxxxx > >>> https://www.ietf.org/mailman/listinfo/ietf > >> > >> > >> > > > _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf