Skip to content
Documentation for the Internet Society's Open Standards Everywhere project
Branch: master
Clone or download

README.md

The Internet Society's Open Standards Everywhere Project

This repository contains documentation for the Internet Society's Open Standards Everywhere project.

Servers

For the Open Standards Everywhere (OSE) project, we are building four reference servers:

All of these servers are being configured to achieve 100% on the Internet.nl website test suite and to pass the http2.pro HTTP/2 test.

12 Feb 2020 Update - The two non-CDN sites are at 100% in the tests. The two CDN sites are at 97% while we are getting some changes made to the TLS configuration (dropping support for TLS 1.0/1.1) in the CDN. All four servers support HTTP/2.

Current plan for documentation

The following documents will be created as part of the project. Note that they will all be written in English and then translated into French and Spanish.

We are not planning to create all of these documents entirely from scratch. We will also reference many of the other existing excellent tutorials on these topics, including some the Internet Society created earlier as part of our Deploy360 Programme.

The technical documentation listed below is currently planned. As the project is just getting underway, this list may change.

As each piece of documentation is added to the repository, a link will be added to the list below. Documents without a link have not been created yet.

Introduction

  • How a generic apache, nginx, or basic LAMP-stack is missing security pieces

IPv6

  • How to configure IPv6 on your apache or nginx web server
  • How to configure IPv6 on your apache or nginx web server with a CDN

DNSSEC

  • How to configure DNSSEC for your apache or nginx web server
  • How to configure DNSSEC for your apache or nginx web server with a CDN

TLS 1.3 using Let's Encrypt

  • How to configure TLS 1.3 on your apache or nginx web server
  • How to configure TLS 1.3 on your apache or nginx web server with a CDN

TLS - How to disable TLS 1.0 and 1.1

TLS - HSTS

TLS - Cipher Order

TLS - HTTP security headers

  • How to configure HTTP security headers on your apache web server
  • How to configure HTTP security headers on your nginx web server
  • How to configure HTTP security headers on your apache or nginx web server with a CDN

HTTP/2

  • How to configure HTTP/2 on your apache web server
  • How to configure HTTP/2 on your nginx web server
  • How to configure HTTP/2 on your apace or nginx web server with a CDN

Providing feedback

If you find any errors in the documentation, or have additional suggestions, please open a new issue here on GitHub so that we can respond. If you do not use GitHub and do not wish to create a free GitHub account, you can email project lead Dan York.

Questions?

If you have questions about this project, please contact project lead Dan York, either here on Github (@danyork) or at york@isoc.org

You can’t perform that action at this time.