This repository has been archived by the owner on Nov 2, 2023. It is now read-only.

json-schema.org over https #80

Closed
mathroc opened this issue Feb 23, 2017 · 15 comments

@mathroc
Contributor

mathroc commented Feb 23, 2017

I think json-schema.org should be served over SSL. json-schema.org does not really serve sensitive information (maybe http://json-schema.org/draft-04/schema ). Anyway, having only http:// will make it harder and harder to link to and embed content from json-schema.org (e.g. a browser-based json-schema validator trying to download http://json-schema.org/draft-04/schema).

Unfortunately, GitHub does not yet support serving pages over SSL, but apparently Cloudflare could be used for this instead: https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/ (given someone has access to the DNS configuration of json-schema.org)

@akuckartz

👍

@handrews
Contributor

@kriszyp do you have any access to the json-schema.org DNS configuration at this point? Or are we still totally locked out of the actual account? (for those just joining us, the original person who set it up left the project and does not respond to efforts to contact him, which is also why we're not still using the original repository here on GitHub).

If we do, I can look into getting an organization account for the project (I work at Cloudflare). Otherwise we can put it on my personal Cloudflare account.

@handrews
Contributor

handrews commented May 2, 2017

@Relequestual how did the DNS get pointed to the site pages on this repo when we moved here after losing the old repo?

@Relequestual
Member

It was already pointed at GitHub, and so it was just a matter of getting the old repo to update to not include the CNAME file, and committing the CNAME file to this repo. Sorta sucks.
We still have no idea who has ownership over the domain, but I remember something about an "anyone can pay the bill" type billing system being a thing where it's registered (I don't remember where, but it's got to be in an issue in this or the old repo. Sorry I can't be more helpful on this =[)

@mathroc
Contributor Author

mathroc commented May 2, 2017

kriszyp/json-schema@1c49234#commitcomment-19914120

@handrews
Contributor

handrews commented May 2, 2017

Yeah I think Network Solutions also allows you to pay by clicking the renewal email without logging in. Weird, but at least we got the domain to keep running.

@jthomerson

I just found this issue because I was wondering why JSON schemas were not being served over SSL, and am now more concerned that there's a question as to who even owns the domain. Tons of people use JSON schemas, and link to the JSON schema spec on http://json-schema.org/ ... it is very concerning that there are questions of ownership of the domain, and no plan to get SSL going on it. That leaves it vulnerable for lots of people to be embedding content in their apps or sites that comes from an untrusted (easily man-in-the-middleable) location.

Have the domain registration issues been worked out? Is there any plan to support SSL?

@handrews
Contributor

handrews commented Jan 2, 2018

@jthomerson I just sent @kriszyp another email to see if he can help. Someone put the DNS on Cloudflare at some point and therefore had some level of access.

Beyond that, if you've read this issue and the linked issues, you know as much as anyone here.

@handrews
Contributor

handrews commented Jan 4, 2018

Kris got back to me but didn't know much more than we already knew. He confirmed that he does not have any kind of access to the registrar account.

However, I might have another lead. Stay tuned...

@adamvoss
Contributor

adamvoss commented Jan 4, 2018

From the research I gathered in #121 @kriszyp is both listed on the WHOIS and most recently paid for the domain. I expect he would be successful if he tried to initiate account recovery.

@handrews
Contributor

handrews commented Jan 4, 2018

@adamvoss I doubt it will be necessary but we'll pursue it if we can't track down the actual owner.

@handrews
Contributor

handrews commented May 23, 2018

Note that while GitHub theoretically now offers HTTPS with custom domains, it does not work with our cert (I haven't figured out why).

We have, however, located the domain owners and will be working with them on the problem once various people are back from vacations and conferences.

@Relequestual
Member

While attempting to transfer the "understanding json schema" site repo to the json-schema-org GitHub organisation (aka us), we had an issue where the new repo auto-enabled https, and wouldn't allow you to uncheck it (which is a bit weird).

I contacted GitHub support, and they said we need to change some DNS settings to fix it, so we forked the repo back to the original spacetelescope GitHub org, which makes the site function under the old URL.

I fired off an email to Kris Borchers at the JS Foundation, who is supposedly the person who can resolve the issue of control for us, on 2018/07/20. I'll give him a little time (a week?) to reply.

GitHub Support said if we expect taking control of the domain to take a long time, they could ask the team to disable the HTTPS redirect, which was causing an invalid cert warning on the migrated repo site.

SO, that's the reason that it doesn't work for our domain!

@handrews
Contributor

This has now been fixed! Thanks to @Relequestual and the folks at the JS Foundation who got this worked out!

https://json-schema.org

@jthomerson

@handrews is it possible to get http redirecting to https? Maybe even adding HSTS headers?
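
Added example, not part of the thread or the project's code: a way to check the two things asked about above (HTTP redirecting to HTTPS, and a usable HSTS header) from a recorded redirect chain. The `schema.example` host, the sample chains and the finding names are constructed for illustration; header parsing follows RFC 6797.

```python
from urllib.parse import urlsplit

REDIRECTS = (301, 302, 307, 308)

def parse_hsts(value):
    """Parse Strict-Transport-Security (RFC 6797 s6.1); None if a browser would ignore it."""
    seen = {}
    for part in (value or "").split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if not name:
            continue
        if name in seen:                       # a repeated directive invalidates the header
            return None
        seen[name] = arg.strip().strip('"')
    age = seen.get("max-age", "")
    if not (age.isascii() and age.isdigit()):  # max-age is mandatory
        return None
    return {"max_age": int(age), "include_subdomains": "includesubdomains" in seen}

def audit_chain(hops):
    """hops: (url, status, headers) tuples, in the order a client received them."""
    findings = []
    hops = [(urlsplit(u), s, {k.lower(): v for k, v in h.items()}) for u, s, h in hops]
    first, status, headers = hops[0]
    target = urlsplit(headers.get("location", ""))
    if first.scheme != "http" or status not in REDIRECTS or target.scheme != "https":
        findings.append("http-not-redirected-to-https")
    elif target.hostname != first.hostname:
        findings.append("first-redirect-changes-host")   # this host never receives HSTS
    if any(u.scheme == "http" and "strict-transport-security" in h for u, _, h in hops):
        findings.append("hsts-sent-over-http-is-ignored")
    secure = [h for u, _, h in hops if u.scheme == "https"]
    if not secure:
        findings.append("no-https-response")
    else:
        hsts = parse_hsts(secure[-1].get("strict-transport-security"))
        if hsts is None:
            findings.append("hsts-missing-or-invalid")
        elif hsts["max_age"] == 0:
            findings.append("hsts-max-age-zero-clears-policy")
    return findings

# Constructed sample chains (not captured from any real site).
GOOD = [("http://schema.example/", 301, {"Location": "https://schema.example/"}),
        ("https://schema.example/", 200,
         {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"})]
HTTP_ONLY = [("http://schema.example/", 200, {"Strict-Transport-Security": "max-age=31536000"})]
```
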
