[MacPorts] #57672: Add DNS CAA record for MacPorts domains
MacPorts
noreply at macports.org
Mon Nov 26 21:58:43 UTC 2018
#57672: Add DNS CAA record for MacPorts domains
-----------------------------+---------------------
Reporter: ryandesign | Owner: admin@…
Type: enhancement | Status: new
Priority: Normal | Milestone:
Component: server/hosting | Version:
Resolution: | Keywords:
Port: |
-----------------------------+---------------------
Comment (by ryandesign):
[https://crt.sh/?Identity=%25macports.org&iCAID=16418 Searching crt.sh],
kmq.jp, pek.cn, and sha.cn are using Let's Encrypt certificates. (We've
only configured mirror_sites.tcl to use https for pek.cn; I didn't know
until I searched that the other two had issued certificates.) I'm not
aware of any other mirrors using https for the MacPorts hostnames; they
haven't informed us of such and we haven't configured mirror_sites.tcl for
it.
We have a mailing list for mirror admins, but we haven't informed the
mirror admins of this yet or invited them to join it. We should do that.
Then we can ask them if they have any opinions on this matter.
If the current mirror admins agree this change is reasonable, we could
even recommend the use of Let's Encrypt in the [wiki:Mirroring mirroring
instructions]. They don't currently mention https because I wrote them
before Let's Encrypt existed, back when getting an https certificate
generally meant paying money, which I didn't want to ask our mirror admins
to do.
--
Ticket URL: <https://trac.macports.org/ticket/57672#comment:3>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list