
Re: [libreoffice-website] Changes with Chrome


Hi,

At IPFire, a migration deadline was set and then all HTTP-only mirrors
were removed from the list. :)

> We consider HTTPS only on mirror servers a change with security benefit
> for IPFire users. Since getting trusted DV certificates is not a problem
> anymore - although Let's Encrypt grows bigger and bigger, becoming
> too big to fail one day - and cryptography acceleration is widely common,
> I do not see a technical reason against this.
>
> Thereof, I propose 2018-10-01 as a deadline to this, removing every
> mirror from the list which does not provide HTTPS then.


You could post your https plans to the mirrors mailing list -
mirrors@documentfoundation.org - so everyone involved would be informed.

My priority is to avoid damaging the user experience when downloading,
so if you are planning to disable the other two .hu mirrors, please do not
send all the .hu traffic to my server because the download time would be
greatly increased.


Thank you for considering the suggestion. :)


Cheers,

Peter


On 2020. 02. 09. 20:37, Guilhem Moulin wrote:
> Hi,
>
> On Sun, 09 Feb 2020 at 17:05:11 +0100, Florian Effenberger wrote:
>> - Chrome seems to disable insecure (i.e. FTP and HTTP) downloads from secure
>> websites (HTTPS) like ours in the future.
> AFAICT only http:// mirror baseURLs are impacted, because the download
> page doesn't redirect to ftp:// nor rsync:// links.
>
> In the past 2 years or so I've regularly run a script to upgrade
> baseURLs (typical case is when the operator of an old mirror silently
> adds TLS support). Right now 72/113 (63.71%) have an https:// base URL.
> Grouping by region,
>
> region | insecure | total | ratio
> --------+----------+-------+-------
> af | 2 | 4 | 50.00
> na | 6 | 13 | 46.00
> eu | 23 | 62 | 37.00
> oc | 1 | 3 | 33.00
> as | 5 | 17 | 29.00
> sa | 4 | 14 | 28.00
>
> and by country (only for ratio ≥50%)
>
> country | insecure | total | ratio
> ---------+----------+-------+--------
> pl | 1 | 1 | 100.00
> tr | 1 | 1 | 100.00
> za | 1 | 1 | 100.00
> nc | 1 | 1 | 100.00
> ru | 2 | 2 | 100.00
> kr | 1 | 1 | 100.00
> at | 1 | 1 | 100.00
> lk | 1 | 1 | 100.00
> by | 1 | 1 | 100.00
> bw | 1 | 1 | 100.00
> ro | 1 | 1 | 100.00
> ba | 1 | 1 | 100.00
> bd | 1 | 1 | 100.00
> pt | 2 | 3 | 66.00
> hu | 2 | 3 | 66.00
> cz | 1 | 2 | 50.00
> br | 4 | 8 | 50.00
> jp | 1 | 2 | 50.00
> ca | 1 | 2 | 50.00
> id | 1 | 2 | 50.00
> us | 5 | 10 | 50.00
> dk | 1 | 2 | 50.00
>
> It's not clear to me how disruptive the change will be in practice,
> because we have redirects between the download page and the actual
> mirror. However https:// adoption is at a point where we could remove
> http:// base URLs without notice without causing too much disruption on
> the remaining mirrors nor users (except perhaps those in South Africa
> and Russia).
>
> Also, the target mirror is sent to Matomo like other download metrics.
> In January I see 3 (resp. 12) HTTP mirrors with ≥2% (resp. ≥1%) of
> redirects. Among these only the Russian mirrors don't have an HTTPS
> fallback nearby (but we have some in Eastern Europe and Asia).
>
