Hi, I'm looking into whether we can sponsor SSL-certificates for important python.org websites such as docs.python.org, wiki.python.org, pypi.python.org and www.python.org. For security reasons for us and community I'd like to see all of these (and maybe some other subdomains) secured, and setup to always switch to SSL, making the websites unavailable on http (which is just setup to redirect to https). Is that something you would consider? -- Nidelven IT || We know Python, Zope & Plone http://www.nidelven-it.no/
Am 28.11.12 11:58, schrieb lists@nidelven-it.no:
I'm looking into whether we can sponsor SSL-certificates for important python.org websites such as docs.python.org, wiki.python.org, pypi.python.org and www.python.org.
For security reasons for us and community I'd like to see all of these (and maybe some other subdomains) secured, and setup to always switch to SSL, making the websites unavailable on http (which is just setup to redirect to https).
Is that something you would consider?
Please understand that this is not primarily a financial issue. Instead, this is an organizational problem, i.e. the administrative effort of applying for the certificates, proving authenticity of the PSF, etc. The PSF is readily able to actually pay for the certificates (although donations are certainly appreciated as well). Several people have offered to work on this on the past, and they all have run away after some time. Consider that you will be working with volunteers, which sometimes don't respond for weeks or even months. So if you really want this, and would be available for the years to come to keep it updated: contributions are welcome (details to follow in this case). Regards, Martin
Am 28.11.12 11:58, schrieb lists@nidelven-it.no:
I'm looking into whether we can sponsor SSL-certificates for important python.org websites such as docs.python.org, wiki.python.org, pypi.python.org and www.python.org.
For security reasons for us and community I'd like to see all of these (and maybe some other subdomains) secured, and setup to always switch to SSL, making the websites unavailable on http (which is just setup to redirect to https).
Is that something you would consider?
Please understand that this is not primarily a financial issue. Instead, this is an organizational problem, i.e. the administrative effort of applying for the certificates, proving authenticity of the PSF, etc. The PSF is readily able to actually pay for the certificates (although donations are certainly appreciated as well).
Several people have offered to work on this on the past, and they all have run away after some time. Consider that you will be working with volunteers, which sometimes don't respond for weeks or even months.
So if you really want this, and would be available for the years to come to keep it updated: contributions are welcome (details to follow in this case).
Yeah, footing the bill for the certificates isn't a big thing for such a big project that Python is.. Yes I could work with people to get SSL going. I'm not sure where to start though, and would like some pointers as to who I can talk to. I'm not always available (self-employed so stress and work amount goes up and down), but could try to set up things so that a group of people, or someone new, can maintain it as a whole. -- Nidelven IT || We know Python, Zope & Plone http://www.nidelven-it.no/
participants (2)
-
"Martin v. Löwis" -
lists@nidelven-it.no