[Chapter-delegates] Global Encryption Day: Advocacy Toolkit Is Here!

Dr. Joseph Lorenzo Hall hall at isoc.org
Wed Sep 29 04:37:09 PDT 2021 

Hello! I wouldn't say you are too much of a nuts and bolts geek.

We have a set of materials that ISOC and our community developed in 2020 during the Open Standards Everywhere project work including both standard webserver configurations (see: https://github.com/InternetSociety/ose-documentation ) and training material that people can use to harden their HTTPS websites and score 100% on security tests like SSLlabs (although we use Internet.nl's tests... Now that you'll really like hardenize.com which is where Ivan from SSLlabs left to go start).

As part of that work, we were able to get many, many ISOC and ISOC Chapter websites to score 100% on those tests but our largest sites are not fully 100% because they require close coordination with a number of entities including our content distribution network... in short, we have been working to make it to fully 100% but haven't made it yet for all our web properties!

Cheers, Joe

--
Joseph Lorenzo Hall, Senior Vice President, Strong Internet
hall at isoc.org | +1-703-483-9504
internetsociety.org | @internetsociety
pgp: https://josephhall.org/gpg-key
3CA28D7B9F6DDBD34B1016075F86698740A9A871

________________________________
From: Chapter-delegates <chapter-delegates-bounces at elists.isoc.org> on behalf of Hank Nussbacher via Chapter-delegates <chapter-delegates at elists.isoc.org>
Sent: Wednesday, September 29, 2021 04:37
To: Jeff Wilbur; Global Membership; ISOC Chapter Delegates
Subject: Re: [Chapter-delegates] Global Encryption Day: Advocacy Toolkit Is Here!

On 27/09/2021 20:39, Jeff Wilbur via Chapter-delegates wrote:
> Global Encryption Day: Advocacy Toolkit Now Available  (Sep 23, 2021)
>
> Regarding your reference to other uses of encryption (e.g, TLS,
> DoH/DoT), you make great points, and we can use these for ongoing
> education and calls to action for users to make wise choices regarding
> encryption. Thanks again for your feedback - together we can all help
> build a more secure and trustworthy Internet for everyone!
>
> Regards,
>
> Jeff Wilbur
>
> Senior Director, Online Trust
>
> Internet Society
>
Hi Jeff,

I guess I am too much of a nut and bolts geek.  So to all those
delegates on the list.....

How to improve end to end encryption in your country?

Today, between 75%
(https://w3techs.com/technologies/details/ce-httpsdefault) and 82%
(https://letsencrypt.org/stats/#percent-pageloads) of all web sites
worldwide use https which is the encrypted protocol for http.  How can
we help increase that number?

Welcome to the site: https://whynohttps.com/ which documents those sites
that don’t automatically redirect http requests to an https server.  Not
all data listed is 100% accurate but most of it is. Underneath the
initial list is data per country.  Just click on the flag icon to see
http sites for your country.  Here is where you come in.  If you
recognize a site – drop them an email and ask them why they don’t use
encrypted http also known as https?

The next stage is to improve the encryption used by https sites. The
protocol known as SSL (Secure Sockets Layer – now known as TLS -
Transport Layer Security) has undergone dozens of changes over the past
25 years.  But there is a site that can analyze any site and to
determine whether it complies with all the latest encryption protocols:
https://www.ssllabs.com/ssltest

Just type in your site and click “Submit”.  Anything less than an “A”
rating means the encryption used is not perfect.  For example, numerous
sites still support TLS 1.0 even though it was deprecated as not being
secure
(https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols).
Once you identify a site with less than an “A” rating, contact them and
inform them that their encryption needs to be improved.
There you have it: two easy steps that everyone can do to help create a
more secure Internet.


Regards,
Hank Nussbacher
ISOC-IL

_______________________________________________
As an Internet Society Chapter Officer you are automatically subscribed
to this list, which is regularly synchronized with the Internet Society Chapter Portal (AMS):
https://admin.internetsociety.org/622619/User/Login
View the Internet Society Code of Conduct: https://www.internetsociety.org/become-a-member/code-of-conduct/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20210929/6ff07046/attachment.htm>

More information about the Chapter-delegates mailing list