While fixing a wrong link from my blog to the Rust site, I noticed that the https://www.rust-lang.org certificate is broken; the cert appears to refer to github. I’m ok with a self-signed cert if we cannot afford a real one, but this doesn’t exactly inspire confidence in the security-mindedness of Rust’s maintainers…
Yes, this is a consequence of using GitHub pages. We could introduce CloudFlare shenanigans to fix it, but it hasn’t been a particularly high priority…
this doesn’t exactly inspire confidence in the security-mindedness of Rust’s maintainers
I would argue the opposite, actually. Focusing on things that actually matter over a blind “SSL all the things.” This doesn’t mean it won’t happen in the future, mind you, and now that we have @edunham to help with ops, maybe it’ll get done sooner, but complicating infrastructure to check a checkbox for minimal benefit isn’t a good use of time, IMHO.
Sorry if I did not make my intent clear; that “argument” was meant very tongue-in-cheek (I sometimes forget this is hard to convey online).
Anyway, don’t let me slow you down any more.
This issue is also being tracked over at https://github.com/rust-lang/rust/issues/13180. The main site has HTTPS problems because it’s hosted on GitHub Pages, whereas the subdomains point at other services.
The good news is that with CloudFlare, we can use our SSL cert to encrypt the connection between the user and CloudFlare, which will eliminate the symptom you complained about.
The bad news is that as long as we’re on GitHub Pages with a custom domain, we can’t encrypt the connection between CloudFlare and GitHub. So setting up CloudFlare will give users an illusion of security that’s only partially accurate.
In the short term, I have setting up CloudFlare on my todo list, which will make https://www.rust-lang.org usable and address the threat model of an attacker between the user and CloudFlare’s servers.
In the longer term, GitHub Pages might improve its HTTPS support or we might move the site onto our own hosting. However, the difficulty of intercepting traffic between GitHub and CloudFlare makes moving the site off of GitHub Pages a less pressing concern than many of our other infrastructure problems.
It’s all good, it happens
https://www.rust-lang.org cert is no longer broken.
Strict-Transport-Security headers work is being tracked over at https://github.com/rust-lang/rust-www/issues/165. It’s relatively low-urgency compared to issues like getting the Rust infrastructure building the snapshots that Servo needs for its tests, though.
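The certificate error reported at the top of this thread is a hostname-verification failure: the client compares the name it requested with the DNS names listed in the certificate it was served. The sketch below is an added example, not code from the thread or from the Rust project; the SAN lists are constructed for illustration and the matcher is a simplified, conservative version of the usual wildcard rules.

```python
def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate dNSName entry against a requested hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # A wildcard stands for exactly one label, so label counts must agree.
    if len(p_labels) != len(h_labels) or not all(h_labels):
        return False
    first, rest = p_labels[0], p_labels[1:]
    if first == "*":
        # Conservative rule assumed for this example: honour a wildcard only
        # as the whole left-most label with at least two labels after it,
        # so "*.org" never matches anything.
        if len(rest) < 2:
            return False
    elif first != h_labels[0]:
        # Partial wildcards such as "w*" are treated as literal text.
        return False
    return rest == h_labels[1:]


def verify_hostname(hostname: str, san_dns_names: list[str]):
    """Return the SAN entry that covers hostname, or None on a mismatch."""
    for entry in san_dns_names:
        if dns_name_matches(entry, hostname):
            return entry
    return None


# Constructed SAN lists, not copied from any real certificate.
HOSTING_PROVIDER_CERT = ["*.github.io", "github.io", "*.github.com", "github.com"]
SITE_CERT = ["rust-lang.org", "*.rust-lang.org"]


def report(hostname: str) -> dict:
    """Show which of the two constructed certificates would cover hostname."""
    return {
        "hosting_provider_cert": verify_hostname(hostname, HOSTING_PROVIDER_CERT),
        "site_cert": verify_hostname(hostname, SITE_CERT),
    }


if __name__ == "__main__":
    for host in ("www.rust-lang.org", "rust-lang.org", "a.b.rust-lang.org"):
        print(host, report(host))
```

A custom domain served with the hosting provider's certificate fails this check for every visitor, while a certificate issued for the site's own names passes, which is what terminating TLS in front of the origin changes.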