Re: [TOOLS-DEVELOPMENT] Transition of sustainietf.org to IETF control

Henrik Levkowetz <henrik@levkowetz.com> Wed, 05 June 2019 20:21 UTC

Return-Path: <henrik@levkowetz.com>
X-Original-To: tools-development@ietfa.amsl.com
Delivered-To: tools-development@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDE9F12014B for <tools-development@ietfa.amsl.com>; Wed, 5 Jun 2019 13:21:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zvcAlUP0uKkT for <tools-development@ietfa.amsl.com>; Wed, 5 Jun 2019 13:21:52 -0700 (PDT)
Received: from zinfandel.tools.ietf.org (zinfandel.tools.ietf.org [IPv6:2001:1890:126c::1:2a]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9291120043 for <tools-development@ietf.org>; Wed, 5 Jun 2019 13:21:52 -0700 (PDT)
Received: from h-202-242.a357.priv.bahnhof.se ([158.174.202.242]:55695 helo=tannat.localdomain) by zinfandel.tools.ietf.org with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <henrik@levkowetz.com>) id 1hYcPv-00016k-QK; Wed, 05 Jun 2019 13:21:52 -0700
To: Russ Housley <housley@vigilsec.com>, IETF Tools Development <tools-development@ietf.org>
References: <AE18154F-E974-4F18-BD0A-25882607C334@vigilsec.com>
From: Henrik Levkowetz <henrik@levkowetz.com>
Message-ID: <67bd601c-65c5-df7a-d42b-a7963ac73e04@levkowetz.com>
Date: Wed, 05 Jun 2019 22:21:44 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <AE18154F-E974-4F18-BD0A-25882607C334@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="Lw8M08MqEdMWNCPET0nsNfiIQDC3Bat29"
X-SA-Exim-Connect-IP: 158.174.202.242
X-SA-Exim-Rcpt-To: tools-development@ietf.org, housley@vigilsec.com
X-SA-Exim-Mail-From: henrik@levkowetz.com
X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000)
X-SA-Exim-Scanned: Yes (on zinfandel.tools.ietf.org)
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-development/nVKTd42FJN0MhXAyvlIifrdi5NA>
Subject: Re: [TOOLS-DEVELOPMENT] Transition of sustainietf.org to IETF control
X-BeenThere: tools-development@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Tools Development list server <tools-development.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tools-development>, <mailto:tools-development-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-development/>
List-Post: <mailto:tools-development@ietf.org>
List-Help: <mailto:tools-development-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tools-development>, <mailto:tools-development-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2019 20:21:54 -0000

Hi Russ,

On 2019-06-05 21:57, Russ Housley wrote:
> Dear Tools Team:
> 
> The IETF LLC is working on transferring control of the IETF Endowment bank accounts from ISOC to the IETF, a process which should be completed on June 28. As a result, the related website and domain (sustainietf.org) need to be transferred to IETF.
> 
> I have asked Glen to work with ISOC to get the domain name transferred to the IETF Trust.
> 
> The web site is a WordPress-driven site. I am unaware of any any associated source control.
> 
> In addition, the site points people to SustainIETF@isoc.org, so we will need to create a new mailbox for that.  I do not yet understand who will read the mail sent there, so I do not have a suggest way forward yet.
> 
> Is this a candidate for a new container?

Given the history of security issues with wordpress sites, I think isolating
this in a container is an excellent idea.


	Henrik