[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 17 Sep 2019 17:23:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 17 Sep 2019 13:23:31 -0400
In-reply-to: <047.f20886aa07714527822a01f961c5aef0@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.f20886aa07714527822a01f961c5aef0@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31718: Update DNS records for .ooni.torproject.org domains
-------------------------------------------------+-------------------------
 Reporter:  hellais                              |          Owner:  anarcat
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by hellais):

 So we looked into this with @anarcat and encountered the following issues:

 - The current setup has both HSTS and certificate pinning enabled for the
 ooni.torproject.org website
 - It is not straightforward to do custom HTTPS changes on the current ooni
 hosting service (netlify)

 Since the maxage for the certificate pinning is set to 60 days we will
 need to wait for that amount of time before we are able to migrate over.

 In the meantime @anarcat is going to see how to disable the certificate
 pinning headers from the ooni.torproject.org host config, so that we can
 begin waiting the 60 days after which we can proceed with the CNAME plan
 as mentioned above.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31718#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #31589 [Core Tor/Tor]: hs-v3: Simplify decrypt_desc_layer interface
Next by Author: [tor-bugs] #31775 [Webpages/Website]: Submenu on people page clobbers text
Previous by thread: Re: [tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
Next by thread: Re: [tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
Index(es):
- Author
- Thread