Re: Proposal: For sites_https, allow GitHub pages + custom domain + CloudFlare to implement HTTPS for project site


Mark Rader
 

David

For your explicit exception

Create an explicit exception for users of Github Pages who implement a Cloudfare proxy according to <https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/> and set the non-HTTPS pages to redirect to HTTPS.

Does that mean that you have to implement a proxy only out of Cloudfare or could you use any other equivalent service if some other service exists.

Mark

On Wed, Dec 21, 2016 at 3:22 PM, Wheeler, David A <dwheeler@...> wrote:
All: *Many* projects use GitHub pages with custom domains, but GitHub does not natively support HTTPS if you’re using GitHub pages with custom domains.

I think we should make it clear that using a CDN like CloudFlare as a workaround is acceptable if you’re using GitHub pages with custom domains.  This is a common solution.  GitHub *does* support HTTPS if you’re not using custom domains (that was a change made earlier this year).  Some background:
https://help.github.com/articles/securing-your-github-pages-site-with-https/
https://konklone.com/post/github-pages-now-sorta-supports-https-so-use-it
https://github.com/isaacs/github/issues/156

Create an explicit exception for users of Github Pages who implement a Cloudfare proxy according to <https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/> and set the non-HTTPS pages to redirect to HTTPS.

The current sites_https criterion says: “The project sites (website, repository, and download URLs) MUST support HTTPS using TLS.  You can get free certificates from [Let's Encrypt](https://letsencrypt.org/)

Proposed addition:
If you are using GitHub pages with custom domains, you MAY use a content delivery network (CDN) such as CloudFlare as a proxy to support HTTPS; see <a href=”https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/”>Secure and fast GitHub Pages with CloudFlare</a>.

Thoughts?

--- David A. Wheeler

_______________________________________________
CII-badges mailing list
CII-badges@lists.coreinfrastructure.org
https://lists.coreinfrastructure.org/mailman/listinfo/cii-badges

Join CII-badges@lists.coreinfrastructure.org to automatically receive all group messages.