Access to only via TLS

Martin Gollowitzer gollo at
Wed Apr 30 10:25:24 CEST 2014

* Doug Barton <dougb at> [140430 10:05, 
  mID <5360AE82.6070505 at>]:

> On 04/30/2014 12:41 AM, Werner Koch wrote:
> >Hi,
> >
> >I have changed the website setup so that any plain text access to
> > is redirected to .  Strict Transport
> >Security (HSTS) has also been enabled.
> >
> >In case of problems with TLS you may use www dot tla-friendly dot
> > to view the pages.
> >
> >Note that https is not enforced for and the other
> >services because over there we use CAcert certificates which do not work
> >widely enough.
> All good news. :)
> >If there is an interest to have lists at https as well,
> >I consider to purchase a certificate for it.
> I know it's been discussed on the list before, but I'm quite happy
> with, and you certainly can't beat the
> price. :)

You might want to consider my blogpost about StartSSL [1]. Despite that,
the SSLLabs test shows two small issues when testing [2], one
of which is the too short time sent in the HSTS header.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: Digital signature
URL: </pipermail/attachments/20140430/d0280e27/attachment.sig>

More information about the Gnupg-users mailing list