262 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Delivering two new presentations at Developer Camp 2015 in Germany
Wed, Jan 21st 2015 49
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 17
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 7
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 5
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 4
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 7
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 9
Top 10
Delivering two new presentations at Developer Camp 2015 in Germany
Wed, Jan 21st 2015 49
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 17
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 13
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 10
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 9
IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 8
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 8
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 7
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 7
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 5


Andrew Pollack
Blog Title Vision for Hire
Blog Description A collection of information and ideas by Andrew Pollack
Blog URL http://www.thenorth.com/apblog4.nsf
RSS Feed http://www.thenorth.com/apblog4.nsf/rss20.xml
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Jan 26, 2015 6:53:01 PM EST. Realtime Update:
Location


Recent Blog Posts
49
Delivering two new presentations at Developer Camp 2015 in Germany
Wed, Jan 21st 2015 10:45a   Andrew Pollack
So the mini-sized, final year, run out the contract version of Lotusphere (aka Connect, aka ConnectED) is next week -- but I won't be speaking there. To see these brand new presentations you'll have to come see me in Germany at the beginning of March. [Developer Camp 2015] Interfacing Domino with Amazon Web Services and other external services If you're serious about Domino as a web platform, you're going to have to get used to interfacing with other services and systems whether they are on
17
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 9:30a   Andrew Pollack
I first came across this brilliant concept in Joel Shepherd’s "23 Years on Fire", the fourth novel in his Cassandra Kresnov series. The series started out a little juvenile but has gotten steadily more serious as the depth and age of the characters has increased. Here is Shepherd's characters explaining CNS -- tell me this doesn't ring a bell in modern politics. “The human brain is trained to look for and identify patterns, but in abstract concepts, fixed and unarguable facts are hard to
7
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 10:34a   Andrew Pollack
It looks like unless things go pear shaped in the next few days, I'll be able to get down to Orlando for the beginning of the Connect conference. I'm currently planning to be there from Friday evening until Tuesday morning or early afternoon. I don't plan on buying a ticket and going sessions but I will likely lurk around the usual places (e.g. the Dolphin rotunda area, or if it's nice out the various sunshine spots) a good part of that time. If you want to make a specific effort to meet (or
5
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 11:53a   Andrew Pollack
I plan to open source this tool once I've done just a little more testing with other people. Drop me an email if you're interested. I'm looking for around 5 people who have the time, know how to deal with SSL stuff already, and already have the Notes 9.x admin client on their machines. The idea behind open sourcing for me, is that I've created the functional tool, and there's a lot of room for making it nicer looking and adding other kinds of functionality. For example, this tool allows you
4
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 3:39p   Andrew Pollack
I know I'm in good company, and I don't deserve a session slot any more than anyone else -- but I'd be lying if I didn't admit to being a bit frustrated and disappointed. For now, I'll hold my tongue about the decision process, wish the best of luck to those who will be speaking, hope the people attending find the content helpful, and say that if you want the content I've been delivering you'll have to come to some of the user groups or to Rudi's "Admin / Developer Camp" conferences...
7
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 3:30p   Andrew Pollack
I've coded something that I plan to release to the community if there is enough interest. It's designed to make the process of getting SHA2 certificates a little easier. I've had to request a fair number of these recently and the command line stuff is tedious and it's easy to make mistakes or misplace the various files. This tool uses the same steps as the process IBM documents and the same tools. You still have to install openSSL and the kyrtool update on your 9.x Admin client machine. The
9
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 2:40p   Andrew Pollack
I went through the process to understand what IBM is saying in their patch information -- and while it's valid, it's also harder than it needs to be (IMCO) for people already used to doing things the Domino way. If you're already familiar with using the server certification database to create the keyring and make the certificate request certificate (CSR) you can keep using it. This is also helpful if you already have a SHA1 based certificate and you just want to re-issue. Note: This resolves
8
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 5:06p   Andrew Pollack
Here's a bit of joy to add to your day. Once your server can speak TLS 1.0 to help secure you from POODLE attacks, any code making connections to your server over HTTPS that use the utilities wget, curl and most importanly Python (and others, apparently) may break. The issue is that these tools are built using a version of openSSL that will try to connect using TLS 1.2 first -- and when that fails, the connection gets dropped. I've seen reports of this in Ruby as well, but I've verified that
10
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 5:00a   Andrew Pollack
If you do not apply this patch, you are going to start having users unable to connect using SSL to your Domino servers. Vendors and customer sites are starting to release operating system and browser patch that block access to sites using only SSLv3 without TLS. Until this morning, that meant all Domino servers not using a reverse proxy front end of some kind. This patch adds TLS 1.0 to Domino versions 8.51, 8.52, 8.53, 9.0, and 9.01 in all the various platforms. TLS 1.0 is a fairly old version
4
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 7:39a   Andrew Pollack
This morning Andy Donaldson was asking on FB for code that turned a spam email into an EML attachment for reporting to anti-spam providers. I wrote this a while back for exactly that purpose. Rather than an attachment, this just creates an email to the anti-spam provider that contains the original spam message including all of it's header information and encoded mime. Essentially, if you took the body of what I'm sending and saved it as a text document with a .EML extension it would be the sam
5
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 9:22a   Andrew Pollack
I've been more than a little sidetracked on some family things for the last week, but my good friend Gab Davis forwarded me these two links today that should address these critical issues. They're long overdue already, and will be another couple of weeks, but let's be glad to be getting them. TLS Support in a fixpack for 8.5.1, 8.5.2, 8.5.3, 9.0, and 9.0.1 within a "couple of weeks"http://www-01.ibm.com/support/docview.wss?uid=swg21687167 And http://www-01.ibm.com/support/docview.wss?uid=sw
13
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 9:43a   Andrew Pollack
Rather than repeat what everyone else is writing about POODLE today, I want to give Domino server administrators a few quick items as it relates to them. In Brief -- and based on what I've been able to quickly learn: IS Domino affected? Yes. All Domino servers that are accepting direct HTTPS connections are impacted. THIS MEANS ALL TRAVELER SERVERS AS WELL. What is the risk to my server or data? The most immediate risk is access to user data and user impersonation. POODLE is the type of attack
3
Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 6:13a   Andrew Pollack
For my Boston area friends in the Notes and Domino community, I'm speaking tonight at the ICU One (aka NE Notes Users Group) meeting in Cambridge. Come say hi. https://www.socialbizug.org/communities/service/html/communityview?communityUuid=784f8e78-2f09-4ae8-b2f5-324faed6413f#fullpageWidgetId=W2ffed7cac839_4390_981d_b7491ef25438&eventInstUuid=c8a488ce-e4b2-410a-b192-36254d01d6b2.....
4
Presentations from AdminCamp 2014
Thu, Oct 9th 2014 7:03p   Andrew Pollack
These are the presentations I gave at AdminCamp 2014 Extreme Domino HTTP Configuration The HTTP task is more powerful and complex than it looks. We`ll go through the configuration and show you how to make your server respond just the way you want. We`ll talk about virtual web sites, multi-homing, URL redirection, headers, and path substitution. Learn how you can use more than one SSL certificate on the same server. Domino Server & Application Performance in the Real World When it comes to pe
8
IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 9:20a   Andrew Pollack
I haven't blogged about anything, much less an IBM Domino issue in quite some time, but as Mooney pointed out today, this one is moving quickly toward being critical. Read the article, then call your IBM sales rep and start demanding they update to include SHA-2 SSL support immediately. The only people who can get this done, are big IBM Domino customers. Since this doesn't have a direct net positive effect on EPS (Earnings Per Share) for 2016, nothing is going to get done on it as long as they
3
Changing what I do at the Fire Department
Sun, Feb 9th 2014 9:40a   Andrew Pollack
So, here’s a bit of a change. A couple of weeks ago I let the chief know that it was time for me to step down as the Lieutenant of our Engine 1. Once a replacement is chosen, I’ll still be a firefighter but won’t be an officer any longer. There are a number of reasons for this, but the best explanation I can give is that it is time to let someone else grow into that role and make their own contribution, while at the same time I’ve got plenty of other things going on that keep me from put
3
Dammit. I think I broke facebook.
Fri, Feb 7th 2014 2:20p   Andrew Pollack
.....
3
Sochi Olympics Pub Chat - Now Open
Thu, Feb 6th 2014 2:46p   Andrew Pollack
As in years past, I've created a group Skype chat room for anyone who wants to use it while watching the Olympics. We've had fun with this in the past, as long as nobody takes it too seriously. Here's a link: skype:?chat&blob=1-XgYKMLG_kK5fqEsq4t4Jd4GLxHZxbMIqSYtCRXS9DiF5WNjBtuljOtcSDqaGdkOv5mX6paJQSuNuI A few recommendations: 1. Definitely use the skype command '/alertsoff' so when you're not watching you won't get bugged by the rest of us. Don't bother trying to keep up or going ba
2
Question for mobile app developers - what development platform do you recommend?
Wed, Feb 5th 2014 12:20p   Andrew Pollack
I've got a need to build a couple of mobile apps, and I'm looking for platform recommendations. Here are the things that are important to me: 1. I prefer a true, compiled app -- not a wrapper around a web page, and not a PaaS (Platform as a Service) 2. I'd like to develop once and deploy on both Android and IOS, but but that's not a show stopper. The more I can share between the two the better though. 3. I'd like to have built in support for web services -- so that if I drop some WSDL on th
4
Are you using a Surface Pro 2 or another Windows 8.1 Tablet? Want to use Traveler on the touch screen? It works!
Mon, Feb 3rd 2014 11:57a   Andrew Pollack
While I like many things about the Surface Pro 2, when I'm using it as a tablet without the keyboard it is almost impossible for me to use the Desktop client for Notes. The touch spots are just too small. Microsoft provides a nice little Mail, Calendar, and Contact app (that seems a lot like Traveler on Android) meant for interaction with the touch screen, so I thought I'd see about getting it to work. [] First of all, make sure you're running the very latest version of the Domino Server and
4
Some thoughts from IBM Connect 2014
Mon, Feb 3rd 2014 9:31a   Andrew Pollack
My participation was limited this year. I did get to see the Opening General Session, and to spend time on Friday, Saturday, Sunday, and Monday talking with many of my favorite IBM developers and product managers. My limited participation was simply because I had chosen not to submit a presentation proposal – and for me, sitting in sessions has never been a priority so I’ve opted to spend my travel budget on “Engage” and some of the other “LUGs” this year. That said, here are some th




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition