Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: default to https when recovering .eth #847

Merged
merged 2 commits into from
Oct 16, 2020
Merged

fix: default to https when recovering .eth #847

merged 2 commits into from
Oct 16, 2020

Conversation

lidel
Copy link
Member

@lidel lidel commented Feb 14, 2020
edited
Loading

Closes #841 – please see it for full context

This PR ensures that navigating to almonit.eth/ or http://almonit.eth/ uses HTTPS URL https://almonit.eth.link/

@lidel lidel mentioned this pull request Feb 14, 2020
Closed
@lidel
Copy link
Member Author

lidel commented Mar 22, 2020

Note to self: we will be able to recover to http://almonit.eth.ipns.localhost:8080 after #853 lands.

@nachomazzara
Copy link

I'm interested in this too. Any update?

Will work for any https://**.eth.link site?

@lidel lidel added this to the v2.15 milestone Oct 13, 2020
@lidel
Copy link
Member Author

lidel commented Oct 13, 2020

@nachomazzara this will work for all sites, however subdomains will cause HTTPS certificate error, as noted in #841 (comment)

@nachomazzara
Copy link

@nachomazzara this will work for all sites, however subdomains will cause HTTPS certificate error, as noted in #841 (comment)

Where the fix should come from?

@lidel
Copy link
Member Author

lidel commented Oct 14, 2020
edited
Loading

  • short answer: it is up to the operator of HTTP gateway such as https://eth.link to set up a proper certificate for each subdomain.
    • longer answer: only a single level of wildcards is supported in PKI, so additional orchestration is needed to request wildcard certificates for subdomains while they are requested for the first time. gateway operator needs to taken care of this + negotiate with a Certificate Authority if this behavior is allowed (some CA explicitly forbid "mining certificates on the fly" in their ToS). there is also a political aspect: parts of DWeb community are highly adversarial towards PKI and may prefer to spend time and resources on other things. so this is a multi-layered problem.

@lidel lidel merged commit 60aa5d1 into master Oct 16, 2020
@lidel lidel deleted the fix/https-eth-gateway branch October 16, 2020 13:40
@github-actions github-actions bot mentioned this pull request Feb 16, 2023
Closed
@github-actions github-actions bot mentioned this pull request Sep 21, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v2.15
Development

Successfully merging this pull request may close these issues.

Redirecting .ETH/ -> .ETH.LINK should use HTTPS instead of HTTP
2 participants
@lidel @nachomazzara