https on the wiki


mmarco

Jan 20, 2016, 6:21:38 AM
to sage-devel
Since wiki.sagemath.org requires login for editing (that is, sending the password through the internet)... shouldn't that be done through https?

On a related note, the certificate for trac.sagemath.org that I am getting is expired, and self-signed.

Could we get a certificate (for instance, from www.letsencrypt.org ) that doesn't scare people away from using secure connections?

William Stein

Jan 20, 2016, 9:59:13 AM
to sage-devel
On Wed, Jan 20, 2016 at 3:21 AM, mmarco <mma...@unizar.es> wrote:
> Since wiki.sagemath.org requires login for editing (that is, sending the
> password through the internet)... shouldn't that be done through https?

Yes.

> On a related note, the certificate for trac.sagemath.org that I am getting
> is expired, and self-signed

I think it always has been self-signed...

> Could we get a certificate (for instance, from www.letsencrypt.org ) that
> doesn't scare people away from using secure connections?

That would be great.

Are you volunteering to do everything?

William




--
William (http://wstein.org)

mmarco

Jan 20, 2016, 12:38:21 PM
to sage-devel
If someone gives me access to the corresponding servers, yes, I can do it.

William Stein

Jan 20, 2016, 8:27:55 PM
to sage-devel
Hi,

I thought about this some more today: I personally have zero interest
or time for personally running wiki.sagemath.org anymore. It's just
been coasting for the last year or two. The moment some spammer takes
it over, the UW would just take it offline. The only ways forward
are either (1) somebody volunteers to take over running the site, or
(2) we move to github's wiki pages.

Right now I'm trying to find somebody who even remembers their
password for sudo ssh on wiki.sagemath.org...

Don't tell me (2) isn't possible. If nothing else, we could just do a
static dump of the site which would be hosted as part of
www.sagemath.org, then start fresh with github (maybe copy over a few
key things that get used a lot, e.g., upcoming sage days and maybe the
interacts).

-- William
--
William (http://wstein.org)

R. Andrew Ohana

Jan 20, 2016, 8:33:40 PM
to sage-...@googlegroups.com
On Wed, Jan 20, 2016 at 5:27 PM, William Stein <wst...@gmail.com> wrote:
> Hi,
>
> I thought about this some more today: I personally have zero interest
> or time for personally running wiki.sagemath.org anymore. It's just
> been coasting for the last year or two. The moment some spammer takes
> it over, the UW would just take it offline. The only ways forward
> are either (1) somebody volunteers to take over running the site, or
> (2) we move to github's wiki pages.
>
> Right now I'm trying to find somebody who even remembers their
> password for sudo ssh on wiki.sagemath.org...
>
> Don't tell me (2) isn't possible. If nothing else, we could just do a
> static dump of the site which would be hosted as part of
> www.sagemath.org, then start fresh with github (maybe copy over a few
> key things that get used a lot, e.g., upcoming sage days and maybe the
> interacts).

For (2), Chris Swenson and I did some experiments [1] a couple years ago and it worked reasonably well. It is probably a decent place to start for anyone interested in going in that direction.

[1] https://github.com/swenson/sagewiki
 



--
Andrew

Samuel Lelievre

Jan 21, 2016, 6:47:04 AM
to sage-devel
+1 to letsencrypt, which was already discussed in this sage-devel discussion
https://groups.google.com/d/topic/sage-devel/l9zS4IPioPE/discussion

related link
https://vincent.composieux.fr/article/install-configure-and-automatically-renew-let-s-encrypt-ssl-certificate

Who can give mmarco the appropriate access?

William Stein

Jan 21, 2016, 12:36:01 PM
to sage-devel
On Thu, Jan 21, 2016 at 3:47 AM, Samuel Lelievre
<samuel....@gmail.com> wrote:
> +1 to letsencrypt, which was already discussed in this sage-devel discussion
> https://groups.google.com/d/topic/sage-devel/l9zS4IPioPE/discussion
>
> related link
> https://vincent.composieux.fr/article/install-configure-and-automatically-renew-let-s-encrypt-ssl-certificate
>
> Who can give mmarco the appropriate access?

I can and have offered to offlist -- I'm waiting to hear back from him
(with his ssh public key).

William


Thierry

Jan 21, 2016, 2:23:01 PM
to sage-...@googlegroups.com
Hi,

There is also an issue with passwords not connected to trac accounts
anymore, though I do not know how this connection was set up (ldap?), and
why it was unset.

I do not have access to the wiki VM but I know there are some people
getting organized in the admin of ask.sagemath.org (which is enduring a
lot of spam and whose upgrades are tricky). I do not want to speak for
this group, but perhaps we should join our forces so that all web services
are maintained by a larger collaborative group in a similar way (e.g.
uniform choice of the webserver, duplication of antispam measures,
backups, etc).

Ciao,
Thierry






William Stein

Jan 21, 2016, 3:06:05 PM
to sage-devel
On Thu, Jan 21, 2016 at 11:22 AM, Thierry
<sage-goo...@lma.metelu.net> wrote:
> Hi,
>
> There is also an issue with passwords not connected to trac accounts
> anymore, though I do not know how this connection was set up (ldap?), and
> why it was unset.
>
> I do not have access to the wiki VM but I know there are some people
> getting organized in the admin of ask.sagemath.org (which is enduring a
> lot of spam and whose upgrades are tricky). I do not want to speak for
> this group, but perhaps we should join our forces so that all web services
> are maintained by a larger collaborative group in a similar way (e.g.
> uniform choice of the webserver, duplication of antispam measures,
> backups, etc).

+1

I can give people access to the wiki VM if they want to work on it...
I think in the long run it would be better though to host it "in the
cloud". If somebody could estimate the cost, and it isn't too much, I
could probably have SageMath, Inc. pay for it (really it would come
out of the Google Summer of Code org payment from 2015, which is over
$2K, and is currently being used mainly for the sage cell server
(about $100/month)). With Google Compute Engine, we can set up a GCE
project (with SageMath, Inc. paying the bill), and add a specific
group of people so they have read/write access to the VM (or VMs) in
that project. I think wiki.sagemath.org shouldn't take too much in
the way of cpu power.

But I can't do the work, beyond maybe creating the GCE project and
giving access to the current VM, so people can copy the data/config
out.

William

mmarco

Jan 24, 2016, 5:32:35 PM
to sage-devel
I have added https support for the wiki page, with a certificate signed by letsencrypt. The http version redirects to the https version.

It is possible that your browser might complain about insecure elements in the page. That is due to resources that are taken from other webpages that either have no secure connection, or are using a self-signed certificate. 
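
A way to locate the insecure elements mentioned in the post above, as an added example that is not part of the original thread: a small scanner that lists the subresources an https page would fetch over plain http. The sample HTML and the example.org hostnames are constructed; resources served over https with a self-signed certificate are not detected here, since that needs a live TLS check.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that fetches a subresource. "active" content can script
# or restyle the page; "passive" content is media only.
ACTIVE = {"script": "src", "iframe": "src", "object": "data", "link": "href"}
PASSIVE = {"img": "src", "audio": "src", "video": "src", "source": "src"}

class MixedContentFinder(HTMLParser):
    """Collect subresources that an https page would load over plain http."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (kind, tag, absolute_url)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return  # of the <link> kinds, only stylesheets are checked here
        for kind, table in (("active", ACTIVE), ("passive", PASSIVE)):
            value = attrs.get(table.get(tag, ""))
            if not value:
                continue
            # Relative and protocol-relative URLs inherit the page's scheme.
            absolute = urljoin(self.page_url, value.strip())
            if urlsplit(absolute).scheme == "http":
                self.findings.append((kind, tag, absolute))

def find_mixed_content(page_url, html):
    if urlsplit(page_url).scheme != "https":
        return []  # mixed content only exists on pages served over https
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings

# Constructed sample page; hostnames under example.org are placeholders.
SAMPLE_HTML = """
<link rel="stylesheet" href="/static/common.css">
<link rel="stylesheet" href="http://styles.example.org/theme.css">
<script src="//cdn.example.org/lib.js"></script>
<script src="http://cdn.example.org/widget.js"></script>
<a href="http://www.example.org/">navigation link, not a subresource</a>
<img src="http://images.example.org/logo.png">
<img src="https://images.example.org/ok.png">
"""

if __name__ == "__main__":
    for kind, tag, url in find_mixed_content("https://wiki.sagemath.org/", SAMPLE_HTML):
        print(f"{kind:8} <{tag}> {url}")
```

Findings marked active (scripts, stylesheets, frames) are the ones to fix first, since they can change what the page does; ordinary `<a href>` links are navigation and are not reported.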

William Stein

Jan 24, 2016, 7:48:17 PM
to sage-devel
On Sun, Jan 24, 2016 at 2:32 PM, mmarco <mma...@unizar.es> wrote:
> I have added https support for the wiki page, with a certificate signed by
> letsencrypt. The http version redirects to the https version.

Thank you!

>
> It is possible that your browser might complain about insecure elements in
> the page. That is due to resources that are taken from other webpages that
> either have no secure connection, or are using a self-signed certificate.
>