[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] Re: #1725 [EFF-HTTPS Everywhere]: kernel.org ruleset
#1725: kernel.org ruleset
----------------------------------+-----------------------------------------
Reporter: rransom | Owner: pde
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
----------------------------------+-----------------------------------------
Comment(by rransom):
Replying to [comment:1 bee]:
> Hi!!!!!!!!!!!!!!
> Thank you for this rule set!!!!!!! However it doesn't work very well!!!
> This is a working example of non-working domains!!!!!! haha!!!!!!!!!
>
http://mirrors2.kernel.org/fedora/updates/testing/13/i386/beesu-2.6-1.fc13.i686.rpm
>
http://mirrors3.kernel.org/fedora/updates/testing/13/i386/beesu-2.6-1.fc13.i686.rpm
>
http://mirrors4.kernel.org/fedora/updates/testing/13/i386/beesu-2.6-1.fc13.i686.rpm
Thanks -- I didn't know the mirrors# subdomains were still available. The
new ruleset adds an exception for âmirrors#.kernel.orgâ.
I ran DNS lookups for mirrors[12].(us|eu).kernel.org and got NXDOMAIN
errors for all of them, so I didn't add an exception for mirrors
subdomains with numbers ''and'' country codes. I think another âdoesn't
workâ bug report is less dangerous than silently allowing non-SSL access
to a site that shouldn't exist.
> I don't know if there are others non working domains!!!!! but no mirrors
work!!!!!! this is not expected!!!!
As I wrote in the ticket, kernel.org is now advertising HTTPS support on
all subdomains ''except'' mirrors.kernel.org. The lack of HTTPS support
for mirrors# isn't unexpected, but a ruleset that tries to use HTTPS for
those domains is still buggy.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1725#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online