Re: [CODE4LIB] VIAF https certs

2016-02-03 Thread Eric Hellman
https://www.ssllabs.com/ssltest/analyze.html?d=dx.doi.org Someone seem to be on the job there. > On Feb 2, 2016, at 2:32 PM, Stuart A. Yeates wrote: > > There are a relatively small number of infrastructure domains

Re: [CODE4LIB] VIAF https certs

2016-02-03 Thread Stuart A. Yeates
doi.org has a complex DNS, I'm not sure I'd accept the ssllabs result without double checking it with someone who deeply understands both DNS and HTTPS. cheers stuart -- ...let us be heard from red core to black sky On Thu, Feb 4, 2016 at 5:21 AM, Eric Hellman wrote: >

Re: [CODE4LIB] VIAF https certs

2016-02-02 Thread Stuart A. Yeates
There are a relatively small number of infrastructure domains to which a huge number of our users are exposed: doi.org handle.net ... In my view pretty much anything which can be used as a lever to get them to become more secure has to be a good idea, since these are websites which we have

Re: [CODE4LIB] VIAF https certs

2016-02-02 Thread Eric Hellman
The folks at 18F offered to set up a dashboard for the library world like https://pulse.cio.gov/https/domains/ b ut we thought it might be too depressing just now.

Re: [CODE4LIB] VIAF https certs

2016-02-01 Thread Peter Murray
For what it's worth, there is another site out there that looks at HTTP headers with a security bent: https://securityheaders.io/?q=http%3A%2F%2Fdltj.org I found I have some more work to do myself... Peter > On Feb 1, 2016, at 2:06 PM, LeVan,Ralph wrote: > > Hmm. Our

Re: [CODE4LIB] VIAF https certs

2016-02-01 Thread Stuart A. Yeates
Does anyone know of an alerting service for HTTPS certs? Ideally one that covers both soon-to-expire certs and now-below-recommended-security-settings certs? cheers stuart -- ...let us be heard from red core to black sky On Tue, Feb 2, 2016 at 8:06 AM, LeVan,Ralph wrote: >

Re: [CODE4LIB] VIAF https certs

2016-02-01 Thread LeVan,Ralph
Hmm. Our network folks had gotten that up to a C back in September and promised an OS upgrade to our load balancers to fix the remaining problems. I'll rattle their cages again. Thanks for checking! Ralph -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU]

Re: [CODE4LIB] VIAF https certs

2016-02-01 Thread Francis Kayiwa
On 2/1/16 2:21 PM, Stuart A. Yeates wrote: Does anyone know of an alerting service for HTTPS certs? Ideally one that covers both soon-to-expire certs and now-below-recommended-security-settings certs? Some assembly required. We use nagi... *ahem* icinga check_http to do this. The man pages or

[CODE4LIB] VIAF https certs

2016-02-01 Thread Stuart A. Yeates
I'm seeing people report issues with the VIAF HTTPS certs, see https://en.wikipedia.org/wiki/Template_talk:Authority_control https://www.ssllabs.com/ssltest/analyze.html?d=viaf.org gives the site a fail. cheers stuart -- ...let us be heard from red core to black sky