263 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
A review of British Airways Premium Economy Service – How to destroy customer goodwill all at once
Tue, Mar 17th 2015 22
There's a bug in how @TextToTime() and @ToTime() process date strings related to international standards and browser settings
Thu, Feb 26th 2015 15
Delivering two new presentations at Developer Camp 2015 in Germany
Wed, Jan 21st 2015 9
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 16
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 13
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 12
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 9
Top 10
A review of British Airways Premium Economy Service – How to destroy customer goodwill all at once
Tue, Mar 17th 2015 22
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 16
There's a bug in how @TextToTime() and @ToTime() process date strings related to international standards and browser settings
Thu, Feb 26th 2015 15
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 14
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 13
Are you using a Surface Pro 2 or another Windows 8.1 Tablet? Want to use Traveler on the touch screen? It works!
Mon, Feb 3rd 2014 12
Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 12
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 12
IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 11
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 10


Andrew Pollack
Blog Title Vision for Hire
Blog Description A collection of information and ideas by Andrew Pollack
Blog URL http://www.thenorth.com/apblog4.nsf
RSS Feed http://www.thenorth.com/apblog4.nsf/rss20.xml
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Mar 17, 2015 11:45:55 AM EST. Realtime Update:
Location


Recent Blog Posts
22
A review of British Airways Premium Economy Service – How to destroy customer goodwill all at once
Tue, Mar 17th 2015 11:28a   Andrew Pollack
Maybe an airline marketing person will read this and finally realize why business travelers increasingly hate them all. I'm sure both of my regular readers will be sympathic, though I'm also quite certain my little story will have no effect on British Airways whatsoever. It is sufficient to me that I can vent into the vast internet and allow this to live forever in the annals of the search engines. In the past I have recommended to my friends traveling to conferences in Europe, a particular fl
15
There's a bug in how @TextToTime() and @ToTime() process date strings related to international standards and browser settings
Thu, Feb 26th 2015 3:28p   Andrew Pollack
That's a long title, but it's simplest way I could come up with in one sentence to explain the issue. Here's what happens, why I ran into it, how to reproduce it, and a work-around. Background I am responsible for a web application in Domino, in which I use a non-Domino "Date - Picker" control. The result of that control is a text string representing the date, which I need to turn into an actual date-time value at save time. Complicating this, is that different standards exist for represent
9
Delivering two new presentations at Developer Camp 2015 in Germany
Wed, Jan 21st 2015 10:45a   Andrew Pollack
So the mini-sized, final year, run out the contract version of Lotusphere (aka Connect, aka ConnectED) is next week -- but I won't be speaking there. To see these brand new presentations you'll have to come see me in Germany at the beginning of March. [Developer Camp 2015] Interfacing Domino with Amazon Web Services and other external services If you're serious about Domino as a web platform, you're going to have to get used to interfacing with other services and systems whether they are on
16
A brilliant concept -- Compulsive Narrative Syndrome
Sun, Jan 18th 2015 9:30a   Andrew Pollack
I first came across this brilliant concept in Joel Shepherd’s "23 Years on Fire", the fourth novel in his Cassandra Kresnov series. The series started out a little juvenile but has gotten steadily more serious as the depth and age of the characters has increased. Here is Shepherd's characters explaining CNS -- tell me this doesn't ring a bell in modern politics. “The human brain is trained to look for and identify patterns, but in abstract concepts, fixed and unarguable facts are hard to
13
Come talk to me at Connect in Orlando - I'll be there part of the time.
Fri, Jan 16th 2015 10:34a   Andrew Pollack
It looks like unless things go pear shaped in the next few days, I'll be able to get down to Orlando for the beginning of the Connect conference. I'm currently planning to be there from Friday evening until Tuesday morning or early afternoon. I don't plan on buying a ticket and going sessions but I will likely lurk around the usual places (e.g. the Dolphin rotunda area, or if it's nice out the various sunshine spots) a good part of that time. If you want to make a specific effort to meet (or
12
Looking for a few people who want to beta test my new SSL Certificate Request tool.
Thu, Dec 4th 2014 11:53a   Andrew Pollack
I plan to open source this tool once I've done just a little more testing with other people. Drop me an email if you're interested. I'm looking for around 5 people who have the time, know how to deal with SSL stuff already, and already have the Notes 9.x admin client on their machines. The idea behind open sourcing for me, is that I've created the functional tool, and there's a lot of room for making it nicer looking and adding other kinds of functionality. For example, this tool allows you
9
Well, it's official. IBM ConnectedED does not feel my contribution is worth the session time.
Mon, Dec 1st 2014 3:39p   Andrew Pollack
I know I'm in good company, and I don't deserve a session slot any more than anyone else -- but I'd be lying if I didn't admit to being a bit frustrated and disappointed. For now, I'll hold my tongue about the decision process, wish the best of luck to those who will be speaking, hope the people attending find the content helpful, and say that if you want the content I've been delivering you'll have to come to some of the user groups or to Rudi's "Admin / Developer Camp" conferences...
5
First look at a new free Domino SSL certificate tool
Mon, Dec 1st 2014 3:30p   Andrew Pollack
I've coded something that I plan to release to the community if there is enough interest. It's designed to make the process of getting SHA2 certificates a little easier. I've had to request a fair number of these recently and the command line stuff is tedious and it's easy to make mistakes or misplace the various files. This tool uses the same steps as the process IBM documents and the same tools. You still have to install openSSL and the kyrtool update on your 9.x Admin client machine. The
5
Simplified explanation and steps for upgrading to SHA-2 encrypted SSL certificates for Domino
Mon, Nov 10th 2014 2:40p   Andrew Pollack
I went through the process to understand what IBM is saying in their patch information -- and while it's valid, it's also harder than it needs to be (IMCO) for people already used to doing things the Domino way. If you're already familiar with using the server certification database to create the keyring and make the certificate request certificate (CSR) you can keep using it. This is also helpful if you already have a SHA1 based certificate and you just want to re-issue. Note: This resolves
9
Warning: IBMs Interim Fix adding TLS 1.0 to Domino can break connections from Python and some other scripting clients
Tue, Nov 4th 2014 5:06p   Andrew Pollack
Here's a bit of joy to add to your day. Once your server can speak TLS 1.0 to help secure you from POODLE attacks, any code making connections to your server over HTTPS that use the utilities wget, curl and most importanly Python (and others, apparently) may break. The issue is that these tools are built using a version of openSSL that will try to connect using TLS 1.2 first -- and when that fails, the connection gets dropped. I've seen reports of this in Ruby as well, but I've verified that
8
Patch for the SSL v3 POODLE exploit has escaped IBM and can now be downloaded. You REALLY need this patch
Tue, Nov 4th 2014 5:00a   Andrew Pollack
If you do not apply this patch, you are going to start having users unable to connect using SSL to your Domino servers. Vendors and customer sites are starting to release operating system and browser patch that block access to sites using only SSLv3 without TLS. Until this morning, that meant all Domino servers not using a reverse proxy front end of some kind. This patch adds TLS 1.0 to Domino versions 8.51, 8.52, 8.53, 9.0, and 9.01 in all the various platforms. TLS 1.0 is a fairly old version
6
Automatic Spam Report to Provider Agent
Wed, Oct 29th 2014 7:39a   Andrew Pollack
This morning Andy Donaldson was asking on FB for code that turned a spam email into an EML attachment for reporting to anti-spam providers. I wrote this a while back for exactly that purpose. Rather than an attachment, this just creates an email to the anti-spam provider that contains the original spam message including all of it's header information and encoded mime. Essentially, if you took the body of what I'm sending and saved it as a text document with a .EML extension it would be the sam
10
Quick update on the Domino SSL v3 "POODLE" , TLS, and SHA-2 issues -- Good news
Tue, Oct 21st 2014 9:22a   Andrew Pollack
I've been more than a little sidetracked on some family things for the last week, but my good friend Gab Davis forwarded me these two links today that should address these critical issues. They're long overdue already, and will be another couple of weeks, but let's be glad to be getting them. TLS Support in a fixpack for 8.5.1, 8.5.2, 8.5.3, 9.0, and 9.0.1 within a "couple of weeks"http://www-01.ibm.com/support/docview.wss?uid=swg21687167 And http://www-01.ibm.com/support/docview.wss?uid=sw
14
Summary Recommendation for dealing with the POODLE SSLv3 Vulnerability on Domino servers
Thu, Oct 16th 2014 9:43a   Andrew Pollack
Rather than repeat what everyone else is writing about POODLE today, I want to give Domino server administrators a few quick items as it relates to them. In Brief -- and based on what I've been able to quickly learn: IS Domino affected? Yes. All Domino servers that are accepting direct HTTPS connections are impacted. THIS MEANS ALL TRAVELER SERVERS AS WELL. What is the risk to my server or data? The most immediate risk is access to user data and user impersonation. POODLE is the type of attack
12
Speaking tonight ath the ICU One (aka NE Notes Users Group)
Tue, Oct 14th 2014 6:13a   Andrew Pollack
For my Boston area friends in the Notes and Domino community, I'm speaking tonight at the ICU One (aka NE Notes Users Group) meeting in Cambridge. Come say hi. https://www.socialbizug.org/communities/service/html/communityview?communityUuid=784f8e78-2f09-4ae8-b2f5-324faed6413f#fullpageWidgetId=W2ffed7cac839_4390_981d_b7491ef25438&eventInstUuid=c8a488ce-e4b2-410a-b192-36254d01d6b2.....
6
Presentations from AdminCamp 2014
Thu, Oct 9th 2014 7:03p   Andrew Pollack
These are the presentations I gave at AdminCamp 2014 Extreme Domino HTTP Configuration The HTTP task is more powerful and complex than it looks. We`ll go through the configuration and show you how to make your server respond just the way you want. We`ll talk about virtual web sites, multi-homing, URL redirection, headers, and path substitution. Learn how you can use more than one SSL certificate on the same server. Domino Server & Application Performance in the Real World When it comes to pe
11
IBM Domino Servers STILL don't support SSL SHA-2 Certificates - and about to be a PROBLEM
Wed, Sep 17th 2014 9:20a   Andrew Pollack
I haven't blogged about anything, much less an IBM Domino issue in quite some time, but as Mooney pointed out today, this one is moving quickly toward being critical. Read the article, then call your IBM sales rep and start demanding they update to include SHA-2 SSL support immediately. The only people who can get this done, are big IBM Domino customers. Since this doesn't have a direct net positive effect on EPS (Earnings Per Share) for 2016, nothing is going to get done on it as long as they




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition