[pydotorg-www] Securing "infrastructure" parts of python.org with SSL

lists at nidelven-it.no lists at nidelven-it.no
Fri Dec 7 15:26:35 CET 2012


> Am 28.11.12 11:58, schrieb lists at nidelven-it.no:
>> I'm looking into whether we can sponsor SSL-certificates for important
>> python.org websites such as docs.python.org, wiki.python.org,
>> pypi.python.org and www.python.org.
>>
>> For security reasons for us and community I'd like to see all of these
>> (and maybe some other subdomains) secured, and setup to always switch to
>> SSL, making the websites unavailable on http (which is just setup to
>> redirect to https).
>>
>> Is that something you would consider?
>
> Please understand that this is not primarily a financial issue. Instead,
> this is an organizational problem, i.e. the administrative effort of
> applying for the certificates, proving authenticity of the PSF, etc.
> The PSF is readily able to actually pay for the certificates (although
> donations are certainly appreciated as well).
>
> Several people have offered to work on this on the past, and they all
> have run away after some time. Consider that you will be working with
> volunteers, which sometimes don't respond for weeks or even months.
>
> So if you really want this, and would be available for the years to
> come to keep it updated: contributions are welcome (details to
> follow in this case).

Yeah, footing the bill for the certificates isn't a big thing for such a
big project that Python is..

Yes I could work with people to get SSL going.  I'm not sure where to
start though, and would like some pointers as to who I can talk to.

I'm not always available (self-employed so stress and work amount goes up
and down), but could try to set up things so that a group of people, or
someone new, can maintain it as a whole.

-- 
Nidelven IT || We know Python, Zope & Plone

http://www.nidelven-it.no/



More information about the pydotorg-www mailing list