[MPI3 Fortran] Agenda for MPI3 Fortran Working group next week

Jeff Squyres jsquyres at cisco.com
Wed Jun 3 08:59:09 CDT 2009 

I'm not going to debate the value of paying someone for an SSL  
certificate on this list; that is seriously off-topic here.

I've attached a PDF of ticket #140 for your reference.

To answer your question: SSL is used because Forum members have to  
login to the site with a username/password to create and edit tickets,  
etc. (we disallow anonymous/not-logged-in changes to prevent spam).   
Trac does not well accommodate having SSL for the login page and non- 
SSL for others.  As with many engineering endeavors, this was the best  
compromise that could be reached with the resources available.

I'll state again that the IU CS department has done a damn fine job of  
hosting everything.  If you think that you can perform these hosting  
services better, please let the MPI Forum leadership know.  Thanks.


On Jun 3, 2009, at 9:35 AM, N.M. Maclaren wrote:

> >The CA for that SSL certificate is here -- it covers all sites run by
> >the Indiana University Computer Science department (e.g., including
> >the Open MPI SSL-enabled web sites):
> >
> >     http://www.cs.indiana.edu/Facilities/FAQ/Mail/csci.crt
>
> Thanks.  That's not actually the biggest problem.
>
> >Install that CA and you should have no problems getting to the site.
> >Or just install the Firefox exception and you should be fine, too.
>
> Aargh!  NO, you are NOT!  The whole SSL/https design is cretinous, and
> that is seriously dangerous if you ever use your browser for anything
> important.
>
> The risk is that someone will hack that site, you will not hear  
> about it
> (because it isn't an official site), and the bogus key will be used to
> get your credit card details.  That is why you should NEVER install an
> 'unofficial' key (EVEN one that you trust).
>
> Note that "hacking that site" includes just getting hold of the  
> private
> key and running a DNS spoofer that catches you, so the site owner  
> changing
> key does NOT stop the insecurity - YOU have to cancel the key which,  
> in
> turn, means that you have to hear of the compromise.
>
> >Complain if you want to, but IMNSHO, IU has done a damn fine job of
> >hosting both Open MPI and the MPI Forum (and absorbing all the
> >associated costs).  Yes, I feel a little strongly about this  
> issue.  :-)
>
> All credit to them for that, but why https?  There are much simpler  
> and
> better mechanisms.
>
> >We're using Trac to keep track of MPI 2.2/3 proposals.  Sometimes it
> >unfortunately exhibits bugs like this -- just reload the page and it
> >should be fine.  I just went to that page right now and it worked for
> >me, FWIW.
>
> Thanks again.
>
>
> Regards,
> Nick Maclaren,
> University of Cambridge Computing Service,
> New Museums Site, Pembroke Street, Cambridge CB2 3QH, England.
> Email:  nmm1 at cam.ac.uk
> Tel.:  +44 1223 334761    Fax:  +44 1223 334679
>
> _______________________________________________
> mpi3-fortran mailing list
> mpi3-fortran at lists.mpi-forum.org
> http://lists.mpi-forum.org/mailman/listinfo.cgi/mpi3-fortran
>


-- 
Jeff Squyres
Cisco Systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: #140 (Add const Keyword to the C bindings) ? MPI Forum ? Trac.pdf
Type: application/pdf
Size: 247355 bytes
Desc: not available
URL: <http://lists.mpi-forum.org/pipermail/mpiwg-fortran/attachments/20090603/ef5ac3e9/attachment-0001.pdf>

More information about the mpiwg-fortran mailing list