HTTPS enabled for remaining OpenJDK subdomains
Sergey Ponomarev
stokito at gmail.com
Tue Sep 25 16:02:35 UTC 2018
Hi, great job!
I made small test:
cr.openjdk.java.net
Redirect from HTTP to HTTPS: no, this can be definetely made
Upgrade-Insecure-Requests: ignored
HSTS - none
SCP: yes, but may be more strict. Use SCP Evaluator
<https://chrome.google.com/webstore/detail/csp-evaluator/fjohamlofnakbnbfjkohkbdigoodcejf>
to debug.
mail.openjdk.java.net
Redirect from HTTP to HTTPS: yes
Upgrade-Insecure-Requests: ignored
HSTS - none
SCP: yes, but may be more strict.
hg.openjdk.java.net
Redirect from HTTP to HTTPS: no, maybe it's better to keep without a
redirect to avoid some HG problems
Upgrade-Insecure-Requests: ignored
HSTS - none
SCP: yes, but may be more strict.
openjdk.java.net
Redirect from HTTP to HTTPS: no, this can be definetely made
Upgrade-Insecure-Requests: ignored
HSTS - none
SCP: yes, but may be more strict.
On Tue, 25 Sep 2018 at 17:48, Mario Torre <neugens.limasoftware at gmail.com>
wrote:
> Great news, thanks!
>
> Cheers,
> Mario
> Il giorno mar 25 set 2018 alle ore 16:45 <mark.reinhold at oracle.com> ha
> scritto:
> >
> > We’ve enabled HTTPS for {cr,hg,mail}.openjdk.java.net, and
> > for openjdk.java.net itself:
> >
> > https://cr.openjdk.java.net
> > https://hg.openjdk.java.net
> > https://mail.openjdk.java.net
> > https://openjdk.java.net
> >
> > Please try using HTTPS with these subdomains, and report any
> > problems to ops at openjdk.java.net. After we shake these out
> > for a couple of weeks we’ll configure redirects and policies
> > so that these subdomains are HTTPS-by-default.
> >
> > - Mark
>
>
>
> --
> pgp key: http://subkeys.pgp.net/ PGP Key ID: 80F240CF
> Fingerprint: BA39 9666 94EC 8B73 27FA FC7C 4086 63E3 80F2 40CF
>
> Java Champion - Blog: http://neugens.wordpress.com - Twitter: @neugens
> Proud GNU Classpath developer: http://www.classpath.org/
> OpenJDK: http://openjdk.java.net/projects/caciocavallo/
>
> Please, support open standards:
> http://endsoftpatents.org/
>
--
Sergey Ponomarev <https://linkedin.com/in/stokito>, skype:stokito
More information about the discuss
mailing list