HTTPS / VSO / SunPy

[Joe Hourcle]

F'n google won't let me release your message as not spam (it's saying I'm
not authorized ... but I set up the group, so I have no idea what's going
on)

On Fri, 31 Jul 2015, noreply-s...@google.com wrote:

> ------- 1 of 1 -------
> Subject: Re: Warning : we may have to move to HTTPS
> From: Stuart Mumford <stu...@cadair.com>
> Date: Jul 29 06:53PM +0100
>
> Hey,
>
> What would we need to do in SunPy to be future compatible? We are
> running up to a release this week, so if it was a simple fix I could do
> it before we release.
>
> Stuart


For the time being, as you're hitting against nso.virtualsolar.org, you'll
be fine -- NSO is currently at Tucson (soon to move to Boulder), and
completely outside of NASA. There might be some disruptions as the 'data
providers' that NSO has to talk to are all over the place, and many of
them are here at Goddard ... so we'll have to change the code there to
make sure it can keep talking to the stuff I'll have to change out here.

In the long run, just to be safe, you'll likely need to include some sort
of TLS support (the successor to SSL, as we'll have to be running TLSv1.1
or after, because all versions of SSL have attacks against them, as does
TLSv1)

It's quite probable that you'll also need to distribute a copy of the NASA
CA certificate, and tell it to include it as trusted so that it won't trip
up the 'we don't know who signed this certificate' type messages.

But first, I need to get my endpoints all set up to support HTTPS, and get
the certificates for them ... which I don't even know what the process for
it is yet.

-Joe