[tor-bugs] #22186 [Internal Services/Tor Sysadmin Team]: Apache HTTP Server

2017-05-07 Thread Tor Bug Tracker & Wiki 
#22186: Apache HTTP Server
-+-
 Reporter:  sainslie |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 I rebuilt the Apache HTTP Server Content Security Policy for the
 organization's public-facing domain names and sub-domains. I rebuilt it
 because it's outdated and unsafe. I'd like to submit it to strengthen its
 public-facing Apache HTTP Server configuration.
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1

 iQIcBAEBAgAGBQJZD6dWAAoJEM18vpeSzTzCHycP+QH1MFBZKyw/qD9OGfIeKTS3
 wxtv+VLQbbwqxWTITVT0g92vKFRQ0rPrSn/kDlhbfoh37cuMmhIm53OFyF/FkAUI
 xEmjgKwWsO94UsxfQc4QsX/7rjl+LrJZS7+5Bktu4WiDVuiP/Lfl3VlnOEWTpZWT
 rMhrYAQHU/orJ4nR6mzVpVxue3hOUr2vbOcRRvj4cUHPwbhFk/1CVzSAjbvm89n/
 txxRN15i0KpFxHv8vDFXD7Q/Om4dBv3Yuzr74tKt3Ro4ndE+dr3IRv1GKQE3oIge
 KfIByqLW2QzCuIVG0KJJTUqiDJ4bzhYumKuV8NmAyHPghMEllrMBjSf0TLx1JK31
 ZWaOrIP8dGq7eNlvNpfSRUgKDdbLUX4nz674XAYVxGJiR0CREoDAW0TBgZOYLsQN
 WB83ZG0xHxoJjaWdnlQJ3U3mowQqU1GwcqxNkhNsaQv+Dd1M2+JDtlzdVUm2UTu2
 WUa0d+1v6CUGBDCCcjiOX3qoy4zV1h9SpMRASj0RvhKYGByCFp+K3OciJLpfjiuA
 m1fTbLZ1PjFbw0Y3IxrzQnGgY1aGenSe/5OIAszXCBpll8eLVDfLDuGua+Z5rxzK
 lyfjCm5lVUjRJ6zAh8LoellEUBTO54UolpaT/HIhQS+GF0ZuaNqfw3SV4HcwrCfG
 HF694gqngRum9kSWGQoo
 =mIcI
 -END PGP SIGNATURE-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22186 [Internal Services/Tor Sysadmin Team]: Apache HTTP Server

2017-05-08 Thread Tor Bug Tracker & Wiki 
#22186: Apache HTTP Server
-+-
 Reporter:  sainslie |  Owner:  tpa
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by weasel):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 Please provide incremental changes to the existing headers, indicate which
 service they are for, and what the changes are doing, exactly, instead of
 just dumping a huge security.conf we can't possibly use this way on us.

 Thanks for trying to help

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22186 [Internal Services/Tor Sysadmin Team]: Apache HTTP Server

2017-05-11 Thread Tor Bug Tracker & Wiki 
#22186: Apache HTTP Server
-+-
 Reporter:  sainslie |  Owner:  tpa
 Type:  defect   | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by sainslie):

 * status:  closed => reopened
 * cc: scott@… (added)
 * resolution:  invalid =>


Comment:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 I rebuilt the Apache HTTP Server Content Security Policy for the
 organization's canonical domain name. I rebuilt it because it's outdated
 and unsafe. I added Cascading Style Sheets Secure Hash Algorithm 2 output.
 -BEGIN PGP SIGNATURE-

 iQIcBAEBCgAGBQJZFFWBAAoJEM18vpeSzTzCM3AQAJG6OVonJdbg+LMSARmi5BkW
 q3xGDDzwQiJ3QtwugXOWocv8GjIvpupX6ACkK7H+gtiQ/i/VolUZwQur49jQEzWN
 zuKpft+fIItHtEE05wRxfhTnD1XDDhiWawU0vOsosHIzBMZlNHkD18ZpSSoBXCJI
 2y9uaI0siZcDx1BJzMRW2Lmia8QrXJtnvoK9boAtFeN+lyT8NnJARyeDfPz4PID+
 wvFvbebvRKCt9M82f8FngMdigykO31Qus8kP3nuAso//MVmcXEQWTcHcU+ibG9qK
 ddyQgBPdP6YXuRhM00lcFRCHJsyKw3D+MvzA+WBJ4vcIGQ757J9cJpS1x2e5mV3O
 OJGiYXtpJ2KMrqNGEAwIb48QQJA2vwdgirwWJ97pq0DSAer8VnPozJxOhsGYZ5yR
 b2dimt4OxsHt1zkJeZ8OlFciXA/4HOK1tU2Z+Szfw5/a22bdpumdpC2dUkAONnm6
 Vu2uaJ51M4ednBtvnM53aRSiGztMa/2ATGe4c6ukmUEPXmvoDAnbEPzWTf53XlCm
 LYNzrYW+8HpUjQKgQ91uL4EEegjMeKtJ+6CqQ1ejBoObgBy/fom06fpCVKIuyOwc
 9oT125mYZn0uXVQvLuFTJK13bxciOy9XxyjCARqi1pdBHPOONEvuH/Vq95KEfMXz
 AOey1dbbWWQVwWZLMNGK
 =i2fD
 -END PGP SIGNATURE-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22186 [Internal Services/Tor Sysadmin Team]: Apache HTTP Server

2017-05-11 Thread Tor Bug Tracker & Wiki 
#22186: Apache HTTP Server
-+-
 Reporter:  sainslie |  Owner:  tpa
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by weasel):

 * status:  reopened => closed
 * resolution:   => invalid


Comment:

 As explained previously, the way these proposed changes are provided are
 not helpful.  They cannot be applied to our setup this way.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs