Mail archive
alpine-infra

Proposal for TLS on websites

From: Nathan Angelacos <nangel_at_alpinelinux.org>
Date: Fri, 26 Feb 2016 09:38:46 -0500

I'm leaning toward letsencrypt and 4096bit certs.

They don't allow wildcard certs, but do allow multiple Alt subject
Names. Startssl allows 5 alts (UCC) per cert free cert.

We currently have 61 entries in our zone file - a few are exempt/junk (I
don't think we need svn or blog anymore); but the rest are in use.

To start simple, here's a proposal:

Get a cert for:

alpinelinux.org

with Alt Subj Names of:

bugs.alpinelinux.org
forum.alpinelinux.org
git.alpinelinux.org
lists.alpinelinux.org
patchwork.alpinelinux.org
pkgs.alpinelinux.org
wiki.alpinelinux.org
www.alpinelinux.org

That would encompass the bulk of the "consumer" side of the project.

For now we leave the download and build servers bare http, and see how
this first step works.

---
Received on Fri Feb 26 2016 - 09:38:46 GMT