Lasso 8.6.3 and TLS 1.2

classic Classic list List threaded Threaded
17 messages Options
Reply | Threaded
Open this post in threaded view
|

Lasso 8.6.3 and TLS 1.2

Mark Palmer
Hi Listers,

I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
PayPal changed their SSL setup to require TLS 1.2.

So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
apparently supports TLS 1.2 however it seems Lasso’s include_url
can’t request the underlying lib_curl to use TLS 1.2.

Is it possible to modify include_url?

Anyone have any other ideas.


Regards

Mark Palmer
E: [hidden email]
T: 01902 620500 and 01285 610035
W: www.pageworks.co.uk

#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Steffan A. Cline
I had to do something similar for Credco a while back. I ended up using PassThru and wrote my own replacement of include_url. It took me a while but it works fine.

Sadly, I couldn’t find any other way to make this happen.

Perhaps ask Eric Knibbe if he has some way to rebuild that tag from source since this is the way everything is going.


Thank you,
Steffan Cline
602-793-0014








On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email] on behalf of [hidden email]> wrote:

>Hi Listers,
>
>I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
>PayPal changed their SSL setup to require TLS 1.2.
>
>So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
>apparently supports TLS 1.2 however it seems Lasso’s include_url
>can’t request the underlying lib_curl to use TLS 1.2.
>
>Is it possible to modify include_url?
>
>Anyone have any other ideas.
>
>
>Regards
>
>Mark Palmer
>E: [hidden email]
>T: 01902 620500 and 01285 610035
>W: www.pageworks.co.uk
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Peter D Bethke
I agree with Steffan - rolling your own using curl (and PassThru +1)  is not the worst thing you can do. I did that extensively recently building my own REST client. It’s got a ton of features that you can’t access using the built in include_url in 8.x.

Peter

> On Mar 11, 2016, at 12:42 PM, Steffan Cline <[hidden email]> wrote:
>
> I had to do something similar for Credco a while back. I ended up using PassThru and wrote my own replacement of include_url. It took me a while but it works fine.
>
> Sadly, I couldn’t find any other way to make this happen.
>
> Perhaps ask Eric Knibbe if he has some way to rebuild that tag from source since this is the way everything is going.
>
>
> Thank you,
> Steffan Cline
> 602-793-0014
>
>
>
>
>
>
>
>
> On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email] on behalf of [hidden email]> wrote:
>
>> Hi Listers,
>>
>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
>> PayPal changed their SSL setup to require TLS 1.2.
>>
>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
>> apparently supports TLS 1.2 however it seems Lasso’s include_url
>> can’t request the underlying lib_curl to use TLS 1.2.
>>
>> Is it possible to modify include_url?
>>
>> Anyone have any other ideas.
>>
>>
>> Regards
>>
>> Mark Palmer
>> E: [hidden email]
>> T: 01902 620500 and 01285 610035
>> W: www.pageworks.co.uk
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

French, Shelane
Do you have that REST code shared anywhere? If not, would you mind? Why
re-invent the wheel, right?

On 3/13/16, 9:07 AM, "[hidden email] on behalf of Peter
D Bethke" <[hidden email] on behalf of
[hidden email]> wrote:

>I agree with Steffan - rolling your own using curl (and PassThru +1)  is
>not the worst thing you can do. I did that extensively recently building
>my own REST client. It¹s got a ton of features that you can¹t access
>using the built in include_url in 8.x.
>
>Peter
>
>> On Mar 11, 2016, at 12:42 PM, Steffan Cline <[hidden email]> wrote:
>>
>> I had to do something similar for Credco a while back. I ended up using
>>PassThru and wrote my own replacement of include_url. It took me a while
>>but it works fine.
>>
>> Sadly, I couldn¹t find any other way to make this happen.
>>
>> Perhaps ask Eric Knibbe if he has some way to rebuild that tag from
>>source since this is the way everything is going.
>>
>>
>> Thank you,
>> Steffan Cline
>> 602-793-0014
>>
>>
>>
>>
>>
>>
>>
>>
>> On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email]
>>on behalf of [hidden email]> wrote:
>>
>>> Hi Listers,
>>>
>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
>>> PayPal changed their SSL setup to require TLS 1.2.
>>>
>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
>>> apparently supports TLS 1.2 however it seems Lasso¹s include_url
>>> can¹t request the underlying lib_curl to use TLS 1.2.
>>>
>>> Is it possible to modify include_url?
>>>
>>> Anyone have any other ideas.
>>>
>>>
>>> Regards
>>>
>>> Mark Palmer
>>> E: [hidden email]
>>> T: 01902 620500 and 01285 610035
>>> W: www.pageworks.co.uk
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at
>>>http://secure-web.cisco.com/1L40dBT5be4uj6n_MDO-q7hLsekKwfT4IDl3rIEFemP4
>>>LpBVVKNMJE1Y4SK3ey2MZ8VAdDtvBIOZXHzZjFDbGpJrLJGay5JHOY6Dye4l-V8Ocgdy-Uz9
>>>k7n0euQ2fx_8DqrH7-fBcH9LvbzG9EEZVJeCutrT7q35TMDMm-KHRcU99vxS1pNxv0JLZBSJ
>>>XXYLzodAJVg0g_p7zbNcFQ4h45QNBATil6dIbulRqySSsyZ5gYebWq4CTjrXyHrDoTUqw9L4
>>>KH586TmJQHjPP4EudiP5kf1TuK0btJTODIjDjhUar4NCfZ9-Y-0KGPbNJOv14f2pGbAm_2gt
>>>JlrPAWEaBXN4Vm0XX9HFA2-WTPOPZROU/http%3A%2F%2Fwww.lassotalk.com%0A%3E%3E
>>>%20To%20unsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.l
>>>assosoft.com>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>>  the mailing list Lasso [hidden email]
>> Official list archives available at
>>http://secure-web.cisco.com/1FJ-K3fdnMWz1liKZWTq8h8fDrnLvVTS4dNceWi3K1vuK
>>5c-VgHqJzEu3_Ip2gw0dcPC61FVmqrGi7fGOYJIoK0h76nBSruwhJV0wROhnkaewYOo8NekL1
>>dqPpZH6R3BJOCxYl-GrzZCxBPixKrKmcdtc4rvIxQDQCrv7oRbr5zttDXU6Z3c3uaLRZ-QbZr
>>sxoQY2ZiZYaCKx0Z_0g4OZi6_oUlJc8A7b6ftvLZ4ueN09tsZvigY8wiqco3h-PxCD1vfx6Mt
>>zU2rDq88mozBLVL63VIIdkzT7N0AOB93Ot6inhjTj-JNBH0q1iVZPmMsm3D2YXbZ4b_YEs91y
>>a63Orcwx7bj8bvcxkMkQBx0prHM/http%3A%2F%2Fwww.lassotalk.com%0A%3E%20To%20u
>>nsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.c
>>om>
>> Send administrative queries to  <[hidden email]>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
>Official list archives available at
>http://secure-web.cisco.com/1A563f7HhxJ0QFS9DXVpBAUWdwbTBP6OwQ61KMf_i7ylYm
>vfTkS_KjVcqXnLXRJSNHzMkAOGwZ2X6qKiZBNQdwKsxVAoVRig7z9W7BQVNhDb2FSiobSLlXBl
>CIvFU4W74ItWu_TAFHlKrqfTWzwwEU9GvZFIsmkejEkbnV5H5orQmTXlxu95GnLaIljH_vRYOF
>04-M6NMGWO87eTo0TebxfYdp2-gR6yc7_3z20GX7oCUcz2I12G9N9kairhZLjS8AieLIN9Er-i
>AscjRkq-f9W-7VTL7dIgsoLgi5J0vLPZmyw_3VbDK_Zzm0d_dm2elShyitJ9O-rIsohukZIFvp
>Ho9F_Vu9tjAedEA0bTV4VE/http%3A%2F%2Fwww.lassotalk.com%0ATo%20unsubscribe%2
>C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.com>
>Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

decorior
I am late to this rodeo!

However, we decided it was easier to pass the information to a lasso 9 server, and then let it do all the heavy lifting using Brad's client and all the GREAT tools of Lasso 9

The extra overhead seems minimal

Deco




> On Mar 14, 2016, at 10:35 AM, French, Shelane <[hidden email]> wrote:
>
> Do you have that REST code shared anywhere? If not, would you mind? Why
> re-invent the wheel, right?
>
> On 3/13/16, 9:07 AM, "[hidden email] on behalf of Peter
> D Bethke" <[hidden email] on behalf of
> [hidden email]> wrote:
>
>> I agree with Steffan - rolling your own using curl (and PassThru +1)  is
>> not the worst thing you can do. I did that extensively recently building
>> my own REST client. It¹s got a ton of features that you can¹t access
>> using the built in include_url in 8.x.
>>
>> Peter
>>
>>> On Mar 11, 2016, at 12:42 PM, Steffan Cline <[hidden email]> wrote:
>>>
>>> I had to do something similar for Credco a while back. I ended up using
>>> PassThru and wrote my own replacement of include_url. It took me a while
>>> but it works fine.
>>>
>>> Sadly, I couldn¹t find any other way to make this happen.
>>>
>>> Perhaps ask Eric Knibbe if he has some way to rebuild that tag from
>>> source since this is the way everything is going.
>>>
>>>
>>> Thank you,
>>> Steffan Cline
>>> 602-793-0014
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email]
>>> on behalf of [hidden email]> wrote:
>>>
>>>> Hi Listers,
>>>>
>>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
>>>> PayPal changed their SSL setup to require TLS 1.2.
>>>>
>>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
>>>> apparently supports TLS 1.2 however it seems Lasso¹s include_url
>>>> can¹t request the underlying lib_curl to use TLS 1.2.
>>>>
>>>> Is it possible to modify include_url?
>>>>
>>>> Anyone have any other ideas.
>>>>
>>>>
>>>> Regards
>>>>
>>>> Mark Palmer
>>>> E: [hidden email]
>>>> T: 01902 620500 and 01285 610035
>>>> W: www.pageworks.co.uk
>>>>
>>>> #############################################################
>>>>
>>>> This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at
>>>> http://secure-web.cisco.com/1L40dBT5be4uj6n_MDO-q7hLsekKwfT4IDl3rIEFemP4
>>>> LpBVVKNMJE1Y4SK3ey2MZ8VAdDtvBIOZXHzZjFDbGpJrLJGay5JHOY6Dye4l-V8Ocgdy-Uz9
>>>> k7n0euQ2fx_8DqrH7-fBcH9LvbzG9EEZVJeCutrT7q35TMDMm-KHRcU99vxS1pNxv0JLZBSJ
>>>> XXYLzodAJVg0g_p7zbNcFQ4h45QNBATil6dIbulRqySSsyZ5gYebWq4CTjrXyHrDoTUqw9L4
>>>> KH586TmJQHjPP4EudiP5kf1TuK0btJTODIjDjhUar4NCfZ9-Y-0KGPbNJOv14f2pGbAm_2gt
>>>> JlrPAWEaBXN4Vm0XX9HFA2-WTPOPZROU/http%3A%2F%2Fwww.lassotalk.com%0A%3E%3E
>>>> %20To%20unsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.l
>>>> assosoft.com>
>>>> Send administrative queries to  <[hidden email]>
>>>
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at
>>> http://secure-web.cisco.com/1FJ-K3fdnMWz1liKZWTq8h8fDrnLvVTS4dNceWi3K1vuK
>>> 5c-VgHqJzEu3_Ip2gw0dcPC61FVmqrGi7fGOYJIoK0h76nBSruwhJV0wROhnkaewYOo8NekL1
>>> dqPpZH6R3BJOCxYl-GrzZCxBPixKrKmcdtc4rvIxQDQCrv7oRbr5zttDXU6Z3c3uaLRZ-QbZr
>>> sxoQY2ZiZYaCKx0Z_0g4OZi6_oUlJc8A7b6ftvLZ4ueN09tsZvigY8wiqco3h-PxCD1vfx6Mt
>>> zU2rDq88mozBLVL63VIIdkzT7N0AOB93Ot6inhjTj-JNBH0q1iVZPmMsm3D2YXbZ4b_YEs91y
>>> a63Orcwx7bj8bvcxkMkQBx0prHM/http%3A%2F%2Fwww.lassotalk.com%0A%3E%20To%20u
>>> nsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.c
>>> om>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at
>> http://secure-web.cisco.com/1A563f7HhxJ0QFS9DXVpBAUWdwbTBP6OwQ61KMf_i7ylYm
>> vfTkS_KjVcqXnLXRJSNHzMkAOGwZ2X6qKiZBNQdwKsxVAoVRig7z9W7BQVNhDb2FSiobSLlXBl
>> CIvFU4W74ItWu_TAFHlKrqfTWzwwEU9GvZFIsmkejEkbnV5H5orQmTXlxu95GnLaIljH_vRYOF
>> 04-M6NMGWO87eTo0TebxfYdp2-gR6yc7_3z20GX7oCUcz2I12G9N9kairhZLjS8AieLIN9Er-i
>> AscjRkq-f9W-7VTL7dIgsoLgi5J0vLPZmyw_3VbDK_Zzm0d_dm2elShyitJ9O-rIsohukZIFvp
>> Ho9F_Vu9tjAedEA0bTV4VE/http%3A%2F%2Fwww.lassotalk.com%0ATo%20unsubscribe%2
>> C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.com>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

maxwellk2
In reply to this post by Mark Palmer
Thanks for the heads up on this Mark, seems like I'll be needing a solution for a handful of Lasso 8.6 site using Authorize.net - they sent this out recently…

> TLS Remediation for PCI DSS Compliance
> As you may already be aware, new PCI DSS requirements state that all payment systems must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time, because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.


Very interested in what other Lasso 8.6'ers are doing to keep things working, but a rebuild of the include_url from Eric sounds ideal.

-Max



> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>
> Hi Listers,
>
> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed their SSL setup to require TLS 1.2.
>
> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>
> Is it possible to modify include_url?
>
> Anyone have any other ideas.
>
>
> Regards
>
> Mark Palmer
> E: [hidden email]
> T: 01902 620500 and 01285 610035
> W: www.pageworks.co.uk
>
> #############################################################
>
> This message is sent to you because you are subscribed to
> the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Marc Pinnell-3
Funny you should ask. I was just revisiting that issue this morning. I too anu! Working with Chris to get the server upgraded, but my thinking is trying to move everyone off L8.6 before I do. I'm down to about 6-7 sites on L8.6 now. I've move the rest off into ProcessWire's CMS or a flat HTML site. None of the rest are using SSL, so may not be as big an issue for me as it was for you. BUT, I do have other e-com sites on the server that are needing the TLS2 compliance, so something will have to give at some point the very near future.

marc

On Mar 14, 2016, at 12:01 PM, Maxwell Klein <[hidden email]> wrote:

> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>
>> TLS Remediation for PCI DSS Compliance
>> As you may already be aware, new PCI DSS requirements state that all payment systems must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time, because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.
>
>
> Very interested in what other Lasso 8.6'ers are doing to keep things working, but a rebuild of the include_url from Eric sounds ideal.
>
> -Max
>
>
>
>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>
>> Hi Listers,
>>
>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed their SSL setup to require TLS 1.2.
>>
>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>>
>> Is it possible to modify include_url?
>>
>> Anyone have any other ideas.
>>
>>
>> Regards
>>
>> Mark Palmer
>> E: [hidden email]
>> T: 01902 620500 and 01285 610035
>> W: www.pageworks.co.uk
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>

Marc Pinnell
1027 Design
PO Box 990872
Redding, CA 96099-0872
530.941.4706
fax: 866.232.5300
www.1027Design.com



#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Peter D Bethke
In reply to this post by French, Shelane
Hi Shelley,

I’m afraid the REST client is highly tailored to a specific solution, one that doesn’t exactly follow all the “REST” rules - So I’m not sure in its current state it would be much help.

However, I did get my initial inspiration from Tim Taplin’s code for the GoogleAPI. If you strip out the google-specific stuff you will find the bones of the rest client there.

Peter

https://bitbucket.org/taplin/googlecalapi_lasso/overview 

> On Mar 14, 2016, at 12:35 PM, French, Shelane <[hidden email]> wrote:
>
> Do you have that REST code shared anywhere? If not, would you mind? Why
> re-invent the wheel, right?
>
> On 3/13/16, 9:07 AM, "[hidden email] on behalf of Peter
> D Bethke" <[hidden email] on behalf of
> [hidden email]> wrote:
>
>> I agree with Steffan - rolling your own using curl (and PassThru +1)  is
>> not the worst thing you can do. I did that extensively recently building
>> my own REST client. It¹s got a ton of features that you can¹t access
>> using the built in include_url in 8.x.
>>
>> Peter
>>
>>> On Mar 11, 2016, at 12:42 PM, Steffan Cline <[hidden email]> wrote:
>>>
>>> I had to do something similar for Credco a while back. I ended up using
>>> PassThru and wrote my own replacement of include_url. It took me a while
>>> but it works fine.
>>>
>>> Sadly, I couldn¹t find any other way to make this happen.
>>>
>>> Perhaps ask Eric Knibbe if he has some way to rebuild that tag from
>>> source since this is the way everything is going.
>>>
>>>
>>> Thank you,
>>> Steffan Cline
>>> 602-793-0014
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email]
>>> on behalf of [hidden email]> wrote:
>>>
>>>> Hi Listers,
>>>>
>>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when
>>>> PayPal changed their SSL setup to require TLS 1.2.
>>>>
>>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl
>>>> apparently supports TLS 1.2 however it seems Lasso¹s include_url
>>>> can¹t request the underlying lib_curl to use TLS 1.2.
>>>>
>>>> Is it possible to modify include_url?
>>>>
>>>> Anyone have any other ideas.
>>>>
>>>>
>>>> Regards
>>>>
>>>> Mark Palmer
>>>> E: [hidden email]
>>>> T: 01902 620500 and 01285 610035
>>>> W: www.pageworks.co.uk
>>>>
>>>> #############################################################
>>>>
>>>> This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at
>>>> http://secure-web.cisco.com/1L40dBT5be4uj6n_MDO-q7hLsekKwfT4IDl3rIEFemP4
>>>> LpBVVKNMJE1Y4SK3ey2MZ8VAdDtvBIOZXHzZjFDbGpJrLJGay5JHOY6Dye4l-V8Ocgdy-Uz9
>>>> k7n0euQ2fx_8DqrH7-fBcH9LvbzG9EEZVJeCutrT7q35TMDMm-KHRcU99vxS1pNxv0JLZBSJ
>>>> XXYLzodAJVg0g_p7zbNcFQ4h45QNBATil6dIbulRqySSsyZ5gYebWq4CTjrXyHrDoTUqw9L4
>>>> KH586TmJQHjPP4EudiP5kf1TuK0btJTODIjDjhUar4NCfZ9-Y-0KGPbNJOv14f2pGbAm_2gt
>>>> JlrPAWEaBXN4Vm0XX9HFA2-WTPOPZROU/http%3A%2F%2Fwww.lassotalk.com%0A%3E%3E
>>>> %20To%20unsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.l
>>>> assosoft.com>
>>>> Send administrative queries to  <[hidden email]>
>>>
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at
>>> http://secure-web.cisco.com/1FJ-K3fdnMWz1liKZWTq8h8fDrnLvVTS4dNceWi3K1vuK
>>> 5c-VgHqJzEu3_Ip2gw0dcPC61FVmqrGi7fGOYJIoK0h76nBSruwhJV0wROhnkaewYOo8NekL1
>>> dqPpZH6R3BJOCxYl-GrzZCxBPixKrKmcdtc4rvIxQDQCrv7oRbr5zttDXU6Z3c3uaLRZ-QbZr
>>> sxoQY2ZiZYaCKx0Z_0g4OZi6_oUlJc8A7b6ftvLZ4ueN09tsZvigY8wiqco3h-PxCD1vfx6Mt
>>> zU2rDq88mozBLVL63VIIdkzT7N0AOB93Ot6inhjTj-JNBH0q1iVZPmMsm3D2YXbZ4b_YEs91y
>>> a63Orcwx7bj8bvcxkMkQBx0prHM/http%3A%2F%2Fwww.lassotalk.com%0A%3E%20To%20u
>>> nsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.c
>>> om>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at
>> http://secure-web.cisco.com/1A563f7HhxJ0QFS9DXVpBAUWdwbTBP6OwQ61KMf_i7ylYm
>> vfTkS_KjVcqXnLXRJSNHzMkAOGwZ2X6qKiZBNQdwKsxVAoVRig7z9W7BQVNhDb2FSiobSLlXBl
>> CIvFU4W74ItWu_TAFHlKrqfTWzwwEU9GvZFIsmkejEkbnV5H5orQmTXlxu95GnLaIljH_vRYOF
>> 04-M6NMGWO87eTo0TebxfYdp2-gR6yc7_3z20GX7oCUcz2I12G9N9kairhZLjS8AieLIN9Er-i
>> AscjRkq-f9W-7VTL7dIgsoLgi5J0vLPZmyw_3VbDK_Zzm0d_dm2elShyitJ9O-rIsohukZIFvp
>> Ho9F_Vu9tjAedEA0bTV4VE/http%3A%2F%2Fwww.lassotalk.com%0ATo%20unsubscribe%2
>> C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.com>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

stevepiercy
In reply to this post by French, Shelane
I wrote an article that covers the concepts of using os_process
with shell, as well as curl, to interact with third-party APIs
whether they are REST-ish or not, for Lasso 8.
http://www.stevepiercy.com/articles/rackspace_cloud-lasso-sdk-for-the-rackspace-cloud-files-api/

It includes comprehensive documentation, source code, and code examples.

--steve


On 3/14/16 at 4:35 PM, [hidden email] (French, Shelane) pronounced:

>Do you have that REST code shared anywhere? If not, would you mind? Why
>re-invent the wheel, right?
>
>On 3/13/16, 9:07 AM, "[hidden email] on behalf of Peter
>D Bethke" <[hidden email] on behalf of
>[hidden email]> wrote:
>
>>I agree with Steffan - rolling your own using curl (and PassThru +1)  is
>>not the worst thing you can do. I did that extensively recently building
>>my own REST client. It¹s got a ton of features that you can¹t access
>>using the built in include_url in 8.x.
>>
>>Peter
>>
>>> On Mar 11, 2016, at 12:42 PM, Steffan Cline <[hidden email]> wrote:
>>>   I had to do something similar for Credco a while back. I
>>>ended up using
>>>PassThru and wrote my own replacement of include_url. It took me a while
>>>but it works fine.
>>>   Sadly, I couldn¹t find any other way to make this happen.
>>>   Perhaps ask Eric Knibbe if he has some way to rebuild that
>>>tag from
>>>source since this is the way everything is going.
>>>    Thank you,
>>> Steffan Cline
>>> 602-793-0014
>>>          On 3/11/16, 8:27 AM, "Mark Palmer" <[hidden email]
>>>on behalf of [hidden email]> wrote:
>>>
>>>> Hi Listers,
>>>>   I was about to put a new site live using Lasso 8.6.3 on
>>>>CentOS 5 when
>>>> PayPal changed their SSL setup to require TLS 1.2.
>>>>   So my host Anu (awesome guys) switched me to CentOS 6
>>>>where lib_curl
>>>> apparently supports TLS 1.2 however it seems Lasso¹s include_url
>>>> can¹t request the underlying lib_curl to use TLS 1.2.
>>>>   Is it possible to modify include_url?
>>>>   Anyone have any other ideas.
>>>>    Regards
>>>>   Mark Palmer
>>>> E: [hidden email]
>>>> T: 01902 620500 and 01285 610035
>>>> W: www.pageworks.co.uk
>>>>   #############################################################
>>>>   This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at
>>>>http://secure-web.cisco.com/1L40dBT5be4uj6n_MDO-q7hLsekKwfT4IDl3rIEFemP4
>>>>LpBVVKNMJE1Y4SK3ey2MZ8VAdDtvBIOZXHzZjFDbGpJrLJGay5JHOY6Dye4l-V8Ocgdy-Uz9
>>>>k7n0euQ2fx_8DqrH7-fBcH9LvbzG9EEZVJeCutrT7q35TMDMm-KHRcU99vxS1pNxv0JLZBSJ
>>>>XXYLzodAJVg0g_p7zbNcFQ4h45QNBATil6dIbulRqySSsyZ5gYebWq4CTjrXyHrDoTUqw9L4
>>>>KH586TmJQHjPP4EudiP5kf1TuK0btJTODIjDjhUar4NCfZ9-Y-0KGPbNJOv14f2pGbAm_2gt
>>>>JlrPAWEaBXN4Vm0XX9HFA2-WTPOPZROU/http%3A%2F%2Fwww.lassotalk.com%0A%3E%3E
>>>>%20To%20unsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.l
>>>>assosoft.com>
>>>> Send administrative queries to  <[hidden email]>
>>>    #############################################################
>>>   This message is sent to you because you are subscribed to
>>>  the mailing list Lasso [hidden email]
>>> Official list archives available at
>>>http://secure-web.cisco.com/1FJ-K3fdnMWz1liKZWTq8h8fDrnLvVTS4dNceWi3K1vuK
>>>5c-VgHqJzEu3_Ip2gw0dcPC61FVmqrGi7fGOYJIoK0h76nBSruwhJV0wROhnkaewYOo8NekL1
>>>dqPpZH6R3BJOCxYl-GrzZCxBPixKrKmcdtc4rvIxQDQCrv7oRbr5zttDXU6Z3c3uaLRZ-QbZr
>>>sxoQY2ZiZYaCKx0Z_0g4OZi6_oUlJc8A7b6ftvLZ4ueN09tsZvigY8wiqco3h-PxCD1vfx6Mt
>>>zU2rDq88mozBLVL63VIIdkzT7N0AOB93Ot6inhjTj-JNBH0q1iVZPmMsm3D2YXbZ4b_YEs91y
>>>a63Orcwx7bj8bvcxkMkQBx0prHM/http%3A%2F%2Fwww.lassotalk.com%0A%3E%20To%20u
>>>nsubscribe%2C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.c
>>>om>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>>#############################################################
>>
>>This message is sent to you because you are subscribed to
>>the mailing list Lasso [hidden email]
>>Official list archives available at
>>http://secure-web.cisco.com/1A563f7HhxJ0QFS9DXVpBAUWdwbTBP6OwQ61KMf_i7ylYm
>>vfTkS_KjVcqXnLXRJSNHzMkAOGwZ2X6qKiZBNQdwKsxVAoVRig7z9W7BQVNhDb2FSiobSLlXBl
>>CIvFU4W74ItWu_TAFHlKrqfTWzwwEU9GvZFIsmkejEkbnV5H5orQmTXlxu95GnLaIljH_vRYOF
>>04-M6NMGWO87eTo0TebxfYdp2-gR6yc7_3z20GX7oCUcz2I12G9N9kairhZLjS8AieLIN9Er-i
>>AscjRkq-f9W-7VTL7dIgsoLgi5J0vLPZmyw_3VbDK_Zzm0d_dm2elShyitJ9O-rIsohukZIFvp
>>Ho9F_Vu9tjAedEA0bTV4VE/http%3A%2F%2Fwww.lassotalk.com%0ATo%20unsubscribe%2
>>C%20E-mail%20to%3A%20%3CLasso-unsubscribe%40lists.lassosoft.com>
>>Send administrative queries to  <[hidden email]>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.StevePiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Kevin Bice
In reply to this post by maxwellk2
I am jumping in to this a little late as I have been away from the list.

It is my understanding that with the Authorize.net update below that you just have to have TLS 1.2 enabled and that you will be PCI compliant since the client will negotiate at the strongest level available between the client and server. I believe that they will try the strongest version first and then rollback until they find a common version. I would think that PayPal would play the same way. If the server turns off TLSv1.0 there should be no problem as long as you are TLSv1.2 capable.

Please fell free to correct me if you know that I am wrong so I can get to work on things…  :-)
.................................
Kevin Bice
512-879-1653
http://fmpweb.com
.................................
Web Development and Design



On Mar 14, 2016, at 2:01 PM, Maxwell Klein <[hidden email]> wrote:

> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>
>> TLS Remediation for PCI DSS Compliance
>> As you may already be aware, new PCI DSS requirements state that all payment systems must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time, because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.
>
>
> Very interested in what other Lasso 8.6'ers are doing to keep things working, but a rebuild of the include_url from Eric sounds ideal.
>
> -Max
>
>
>
>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>
>> Hi Listers,
>>
>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed their SSL setup to require TLS 1.2.
>>
>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>>
>> Is it possible to modify include_url?
>>
>> Anyone have any other ideas.
>>
>>
>> Regards
>>
>> Mark Palmer
>> E: [hidden email]
>> T: 01902 620500 and 01285 610035
>> W: www.pageworks.co.uk
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

stevepiercy
Nope.  See Mark Palmer's original message for the issue.

One alternative solution is to "shell out" and use curl via
os_process for Lasso 8, unless LassoSoft releases an update.

--steve


On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:

>I am jumping in to this a little late as I have been away from
>the list.
>It is my understanding that with the Authorize.net update below
>that you just have to have TLS 1.2 enabled and that you will be
>PCI compliant since the client will negotiate at the strongest
>level available between the client and server. I believe that
>they will try the strongest version first and then rollback
>until they find a common version. I would think that PayPal
>would play the same way. If the server turns off TLSv1.0 there
>should be no problem as long as you are TLSv1.2 capable.
>
>Please fell free to correct me if you know that I am wrong so I
>can get to work on things…  :-)
>.................................
>Kevin Bice
>512-879-1653
>http://fmpweb.com
>.................................
>Web Development and Design
>
>
>
>On Mar 14, 2016, at 2:01 PM, Maxwell Klein <[hidden email]> wrote:
>
>>Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>
>>> TLS Remediation for PCI DSS Compliance
>>> As you may already be aware, new PCI DSS requirements state that all payment systems
>must disable TLS 1.0 by 2018. Though we are still finalizing
>our plans for remediating TLS 1.0 in both sandbox and
>production, we will be disabling TLS 1.0 in sandbox and
>production in early 2017. This is to ensure that we are
>compliant ahead of the PCI date.
>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time,
>because while it is not expressly forbidden, there are enough
>concerns surrounding it. TLS 1.2 is currently the strongest
>available protocol, and we strongly urge all merchants and
>developer partners to use it for their API integrations.
>>
>>
>>Very interested in what other Lasso 8.6'ers are doing to keep things working, but a
>rebuild of the include_url from Eric sounds ideal.
>>
>>-Max
>>
>>
>>
>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>   Hi Listers,
>>>   I was about to put a new site live using Lasso 8.6.3 on
>>>CentOS 5 when PayPal changed
>their SSL setup to require TLS 1.2.
>>>   So my host Anu (awesome guys) switched me to CentOS 6
>>>where lib_curl apparently
>supports TLS 1.2 however it seems Lasso’s include_url can’t
>request the underlying lib_curl to use TLS 1.2.
>>>   Is it possible to modify include_url?
>>>   Anyone have any other ideas.
>>>    Regards
>>>   Mark Palmer
>>> E: [hidden email]
>>> T: 01902 620500 and 01285 610035
>>> W: www.pageworks.co.uk
>>>   #############################################################
>>>   This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>>#############################################################
>>
>>This message is sent to you because you are subscribed to
>>the mailing list Lasso [hidden email]
>>Official list archives available at http://www.lassotalk.com
>>To unsubscribe, E-mail to: <[hidden email]>
>>Send administrative queries to  <[hidden email]>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.StevePiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

Kevin Bice
Are you interested in rewriting the AuthorizeNet_AIM tag for those of us who just can’t seem to move to 9? If not, it is back to work for me, and I assume many others using your custom tag. I would be willing to pay my share.
.................................
Kevin Bice
512-879-1653
http://fmpweb.com
.................................
Web Development and Design



On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website Builder <[hidden email]> wrote:

> Nope.  See Mark Palmer's original message for the issue.
>
> One alternative solution is to "shell out" and use curl via os_process for Lasso 8, unless LassoSoft releases an update.
>
> --steve
>
>
> On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>
>> I am jumping in to this a little late as I have been away from the list.
>> It is my understanding that with the Authorize.net update below that you just have to have TLS 1.2 enabled and that you will be PCI compliant since the client will negotiate at the strongest level available between the client and server. I believe that they will try the strongest version first and then rollback until they find a common version. I would think that PayPal would play the same way. If the server turns off TLSv1.0 there should be no problem as long as you are TLSv1.2 capable.
>>
>> Please fell free to correct me if you know that I am wrong so I can get to work on things…  :-)
>> .................................
>> Kevin Bice
>> 512-879-1653
>> http://fmpweb.com
>> .................................
>> Web Development and Design
>>
>>
>>
>> On Mar 14, 2016, at 2:01 PM, Maxwell Klein <[hidden email]> wrote:
>>
>>> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>> handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>
>>>> TLS Remediation for PCI DSS Compliance
>>>> As you may already be aware, new PCI DSS requirements state that all payment systems
>> must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
>>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time,
>> because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.
>>>
>>>
>>> Very interested in what other Lasso 8.6'ers are doing to keep things working, but a
>> rebuild of the include_url from Eric sounds ideal.
>>>
>>> -Max
>>>
>>>
>>>
>>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>  Hi Listers,
>>>>  I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed
>> their SSL setup to require TLS 1.2.
>>>>  So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>> supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>>>>  Is it possible to modify include_url?
>>>>  Anyone have any other ideas.
>>>>   Regards
>>>>  Mark Palmer
>>>> E: [hidden email]
>>>> T: 01902 620500 and 01285 610035
>>>> W: www.pageworks.co.uk
>>>>  #############################################################
>>>>  This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at http://www.lassotalk.com
>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>> Send administrative queries to  <[hidden email]>
>>>
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> Steve Piercy              Website Builder              Soquel, CA
> <[hidden email]>               <http://www.StevePiercy.com/>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
> the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

stevepiercy
My free and open source software (FOSS) contributions have been
focused more on Python and Pyramid lately, but I can be
persuaded to make my Lasso FOSS a higher priority.  I won't say
"no" to beer money.  :)

Also the current versions of AuthorizeNet_AIM for Lasso 8 and
AuthorizeNet_AIM_9 for Lasso 9 are FOSS.  Anyone can
contribute.  However, they both currently use [include_url] as
the method to send an HTTP POST request.
https://github.com/stevepiercy/AuthorizeNet_AIM
https://github.com/stevepiercy/AuthorizeNet_AIM_9

Note if you haven't updated to use the latest version of the
methods for your version of Lasso, then you should do so before
June 2016, because:
http://www.authorize.net/support/akamaifaqs/

--steve


On 3/16/16 at 6:04 PM, [hidden email] (Kevin Bice) pronounced:

>Are you interested in rewriting the AuthorizeNet_AIM tag for
>those of us who just can’t seem to move to 9? If not, it is
>back to work for me, and I assume many others using your custom
>tag. I would be willing to pay my share.
>.................................
>Kevin Bice
>512-879-1653
>http://fmpweb.com
>.................................
>Web Development and Design
>
>
>
>On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website Builder <[hidden email]> wrote:
>
>>Nope.  See Mark Palmer's original message for the issue.
>>
>>One alternative solution is to "shell out" and use curl via os_process for Lasso 8,
>unless LassoSoft releases an update.
>>
>>--steve
>>
>>
>>On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>>
>>> I am jumping in to this a little late as I have been away from the list.
>>> It is my understanding that with the Authorize.net update below that you just have to
>have TLS 1.2 enabled and that you will be PCI compliant since
>the client will negotiate at the strongest level available
>between the client and server. I believe that they will try the
>strongest version first and then rollback until they find a
>common version. I would think that PayPal would play the same
>way. If the server turns off TLSv1.0 there should be no problem
>as long as you are TLSv1.2 capable.
>>>   Please fell free to correct me if you know that I am wrong
>>>so I can get to work on
>things…  :-)
>>> .................................
>>> Kevin Bice
>>> 512-879-1653
>>> http://fmpweb.com
>>> .................................
>>> Web Development and Design
>>>     On Mar 14, 2016, at 2:01 PM, Maxwell Klein
>>><[hidden email]> wrote:
>>>
>>>> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>>> handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>>
>>>>> TLS Remediation for PCI DSS Compliance
>>>>> As you may already be aware, new PCI DSS requirements state that all payment systems
>>> must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating
>TLS 1.0 in both sandbox and production, we will be disabling
>TLS 1.0 in sandbox and production in early 2017. This is to
>ensure that we are compliant ahead of the PCI date.
>>>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time,
>>> because while it is not expressly forbidden, there are enough concerns surrounding it.
>TLS 1.2 is currently the strongest available protocol, and we
>strongly urge all merchants and developer partners to use it
>for their API integrations.
>>>>    Very interested in what other Lasso 8.6'ers are doing to
>>>>keep things working, but a
>>> rebuild of the include_url from Eric sounds ideal.
>>>>   -Max
>>>>  
>>>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>>  Hi Listers,
>>>>>  I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed
>>> their SSL setup to require TLS 1.2.
>>>>>  So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>>> supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying
>lib_curl to use TLS 1.2.
>>>>>  Is it possible to modify include_url?
>>>>>  Anyone have any other ideas.
>>>>>   Regards
>>>>>  Mark Palmer
>>>>> E: [hidden email]
>>>>> T: 01902 620500 and 01285 610035
>>>>> W: www.pageworks.co.uk
>>>>>  #############################################################
>>>>>  This message is sent to you because you are subscribed to
>>>>> the mailing list Lasso [hidden email]
>>>>> Official list archives available at http://www.lassotalk.com
>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>> Send administrative queries to  <[hidden email]>
>>>>    #############################################################
>>>>   This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at http://www.lassotalk.com
>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>> Send administrative queries to  <[hidden email]>
>>>    #############################################################
>>>   This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>>-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>>Steve Piercy              Website Builder              Soquel, CA
>><[hidden email]>               <http://www.StevePiercy.com/>
>>
>>
>>#############################################################
>>
>>This message is sent to you because you are subscribed to
>>the mailing list Lasso [hidden email]
>>Official list archives available at http://www.lassotalk.com
>>To unsubscribe, E-mail to: <[hidden email]>
>>Send administrative queries to  <[hidden email]>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.StevePiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

maxwellk2
In reply to this post by Kevin Bice
+1

-Max


> On Mar 16, 2016, at 4:04 PM, Kevin Bice <[hidden email]> wrote:
>
> Are you interested in rewriting the AuthorizeNet_AIM tag for those of us who just can’t seem to move to 9? If not, it is back to work for me, and I assume many others using your custom tag. I would be willing to pay my share.
> .................................
> Kevin Bice
> 512-879-1653
> http://fmpweb.com
> .................................
> Web Development and Design
>
>
>
> On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website Builder <[hidden email]> wrote:
>
>> Nope.  See Mark Palmer's original message for the issue.
>>
>> One alternative solution is to "shell out" and use curl via os_process for Lasso 8, unless LassoSoft releases an update.
>>
>> --steve
>>
>>
>> On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>>
>>> I am jumping in to this a little late as I have been away from the list.
>>> It is my understanding that with the Authorize.net update below that you just have to have TLS 1.2 enabled and that you will be PCI compliant since the client will negotiate at the strongest level available between the client and server. I believe that they will try the strongest version first and then rollback until they find a common version. I would think that PayPal would play the same way. If the server turns off TLSv1.0 there should be no problem as long as you are TLSv1.2 capable.
>>>
>>> Please fell free to correct me if you know that I am wrong so I can get to work on things…  :-)
>>> .................................
>>> Kevin Bice
>>> 512-879-1653
>>> http://fmpweb.com
>>> .................................
>>> Web Development and Design
>>>
>>>
>>>
>>> On Mar 14, 2016, at 2:01 PM, Maxwell Klein <[hidden email]> wrote:
>>>
>>>> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>>> handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>>
>>>>> TLS Remediation for PCI DSS Compliance
>>>>> As you may already be aware, new PCI DSS requirements state that all payment systems
>>> must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
>>>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time,
>>> because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.
>>>>
>>>>
>>>> Very interested in what other Lasso 8.6'ers are doing to keep things working, but a
>>> rebuild of the include_url from Eric sounds ideal.
>>>>
>>>> -Max
>>>>
>>>>
>>>>
>>>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>> Hi Listers,
>>>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed
>>> their SSL setup to require TLS 1.2.
>>>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>>> supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>>>>> Is it possible to modify include_url?
>>>>> Anyone have any other ideas.
>>>>>  Regards
>>>>> Mark Palmer
>>>>> E: [hidden email]
>>>>> T: 01902 620500 and 01285 610035
>>>>> W: www.pageworks.co.uk
>>>>> #############################################################
>>>>> This message is sent to you because you are subscribed to
>>>>> the mailing list Lasso [hidden email]
>>>>> Official list archives available at http://www.lassotalk.com
>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>> Send administrative queries to  <[hidden email]>
>>>>
>>>>
>>>> #############################################################
>>>>
>>>> This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at http://www.lassotalk.com
>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>> Send administrative queries to  <[hidden email]>
>>>
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>> Steve Piercy              Website Builder              Soquel, CA
>> <[hidden email]>               <http://www.StevePiercy.com/>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

decorior
+1

> On Mar 16, 2016, at 5:47 PM, Maxwell Klein <[hidden email]> wrote:
>
> +1
>
> -Max
>
>
>> On Mar 16, 2016, at 4:04 PM, Kevin Bice <[hidden email]> wrote:
>>
>> Are you interested in rewriting the AuthorizeNet_AIM tag for those of us who just can’t seem to move to 9? If not, it is back to work for me, and I assume many others using your custom tag. I would be willing to pay my share.
>> .................................
>> Kevin Bice
>> 512-879-1653
>> http://fmpweb.com
>> .................................
>> Web Development and Design
>>
>>
>>
>> On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website Builder <[hidden email]> wrote:
>>
>>> Nope.  See Mark Palmer's original message for the issue.
>>>
>>> One alternative solution is to "shell out" and use curl via os_process for Lasso 8, unless LassoSoft releases an update.
>>>
>>> --steve
>>>
>>>
>>> On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>>>
>>>> I am jumping in to this a little late as I have been away from the list.
>>>> It is my understanding that with the Authorize.net update below that you just have to have TLS 1.2 enabled and that you will be PCI compliant since the client will negotiate at the strongest level available between the client and server. I believe that they will try the strongest version first and then rollback until they find a common version. I would think that PayPal would play the same way. If the server turns off TLSv1.0 there should be no problem as long as you are TLSv1.2 capable.
>>>>
>>>> Please fell free to correct me if you know that I am wrong so I can get to work on things…  :-)
>>>> .................................
>>>> Kevin Bice
>>>> 512-879-1653
>>>> http://fmpweb.com
>>>> .................................
>>>> Web Development and Design
>>>>
>>>>
>>>>
>>>> On Mar 14, 2016, at 2:01 PM, Maxwell Klein <[hidden email]> wrote:
>>>>
>>>>> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>>>> handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>>>
>>>>>> TLS Remediation for PCI DSS Compliance
>>>>>> As you may already be aware, new PCI DSS requirements state that all payment systems
>>>> must disable TLS 1.0 by 2018. Though we are still finalizing our plans for remediating TLS 1.0 in both sandbox and production, we will be disabling TLS 1.0 in sandbox and production in early 2017. This is to ensure that we are compliant ahead of the PCI date.
>>>>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same time,
>>>> because while it is not expressly forbidden, there are enough concerns surrounding it. TLS 1.2 is currently the strongest available protocol, and we strongly urge all merchants and developer partners to use it for their API integrations.
>>>>>
>>>>>
>>>>> Very interested in what other Lasso 8.6'ers are doing to keep things working, but a
>>>> rebuild of the include_url from Eric sounds ideal.
>>>>>
>>>>> -Max
>>>>>
>>>>>
>>>>>
>>>>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>>> Hi Listers,
>>>>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal changed
>>>> their SSL setup to require TLS 1.2.
>>>>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>>>> supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying lib_curl to use TLS 1.2.
>>>>>> Is it possible to modify include_url?
>>>>>> Anyone have any other ideas.
>>>>>> Regards
>>>>>> Mark Palmer
>>>>>> E: [hidden email]
>>>>>> T: 01902 620500 and 01285 610035
>>>>>> W: www.pageworks.co.uk
>>>>>> #############################################################
>>>>>> This message is sent to you because you are subscribed to
>>>>>> the mailing list Lasso [hidden email]
>>>>>> Official list archives available at http://www.lassotalk.com
>>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>>> Send administrative queries to  <[hidden email]>
>>>>>
>>>>>
>>>>> #############################################################
>>>>>
>>>>> This message is sent to you because you are subscribed to
>>>>> the mailing list Lasso [hidden email]
>>>>> Official list archives available at http://www.lassotalk.com
>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>> Send administrative queries to  <[hidden email]>
>>>>
>>>>
>>>> #############################################################
>>>>
>>>> This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at http://www.lassotalk.com
>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>> Send administrative queries to  <[hidden email]>
>>>
>>> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>>> Steve Piercy              Website Builder              Soquel, CA
>>> <[hidden email]>               <http://www.StevePiercy.com/>
>>>
>>>
>>> #############################################################
>>>
>>> This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>> the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

stevepiercy
+1

--steve



On 3/16/16 at 5:59 PM, [hidden email] (deco rior) pronounced:

>+1
>
>>On Mar 16, 2016, at 5:47 PM, Maxwell Klein <[hidden email]> wrote:
>>
>>+1
>>
>>-Max
>>
>>
>>> On Mar 16, 2016, at 4:04 PM, Kevin Bice <[hidden email]> wrote:
>>>   Are you interested in rewriting the AuthorizeNet_AIM tag
>>>for those of us who just can’t
>seem to move to 9? If not, it is back to work for me, and I
>assume many others using your custom tag. I would be willing to
>pay my share.
>>> .................................
>>> Kevin Bice
>>> 512-879-1653
>>> http://fmpweb.com
>>> .................................
>>> Web Development and Design
>>>     On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website
>>>Builder <[hidden email]>
>wrote:
>>>
>>>> Nope.  See Mark Palmer's original message for the issue.
>>>>   One alternative solution is to "shell out" and use curl
>>>>via os_process for Lasso 8,
>unless LassoSoft releases an update.
>>>>   --steve
>>>>    On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>>>>
>>>>> I am jumping in to this a little late as I have been away from the list.
>>>>> It is my understanding that with the Authorize.net update below that you just have to
>have TLS 1.2 enabled and that you will be PCI compliant since
>the client will negotiate at the strongest level available
>between the client and server. I believe that they will try the
>strongest version first and then rollback until they find a
>common version. I would think that PayPal would play the same
>way. If the server turns off TLSv1.0 there should be no problem
>as long as you are TLSv1.2 capable.
>>>>>   Please fell free to correct me if you know that I am
>>>>>wrong so I can get to work on
>things…  :-)
>>>>> .................................
>>>>> Kevin Bice
>>>>> 512-879-1653
>>>>> http://fmpweb.com
>>>>> .................................
>>>>> Web Development and Design
>>>>>     On Mar 14, 2016, at 2:01 PM, Maxwell Klein
>>>>><[hidden email]> wrote:
>>>>>
>>>>>> Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>>>>> handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>>>>
>>>>>>> TLS Remediation for PCI DSS Compliance
>>>>>>> As you may already be aware, new PCI DSS requirements state that all payment
>systems
>>>>> must disable TLS 1.0 by 2018. Though we are still finalizing our plans for
>remediating TLS 1.0 in both sandbox and production, we will be
>disabling TLS 1.0 in sandbox and production in early 2017. This
>is to ensure that we are compliant ahead of the PCI date.
>>>>>>> In addition, we are discussing the possibility of disabling TLS 1.1 at the same
>time,
>>>>> because while it is not expressly forbidden, there are enough concerns surrounding
>it. TLS 1.2 is currently the strongest available protocol, and
>we strongly urge all merchants and developer partners to use it
>for their API integrations.
>>>>>>    Very interested in what other Lasso 8.6'ers are doing
>>>>>>to keep things working, but a
>>>>> rebuild of the include_url from Eric sounds ideal.
>>>>>>   -Max
>>>>>>  
>>>>>>> On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>>>> Hi Listers,
>>>>>>> I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal
>changed
>>>>> their SSL setup to require TLS 1.2.
>>>>>>> So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>>>>> supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying
>lib_curl to use TLS 1.2.
>>>>>>> Is it possible to modify include_url?
>>>>>>> Anyone have any other ideas.
>>>>>>> Regards
>>>>>>> Mark Palmer
>>>>>>> E: [hidden email]
>>>>>>> T: 01902 620500 and 01285 610035
>>>>>>> W: www.pageworks.co.uk
>>>>>>> #############################################################
>>>>>>> This message is sent to you because you are subscribed to
>>>>>>> the mailing list Lasso [hidden email]
>>>>>>> Official list archives available at http://www.lassotalk.com
>>>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>>>> Send administrative queries to  <[hidden email]>
>>>>>>    #############################################################
>>>>>>   This message is sent to you because you are subscribed to
>>>>>> the mailing list Lasso [hidden email]
>>>>>> Official list archives available at http://www.lassotalk.com
>>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>>> Send administrative queries to  <[hidden email]>
>>>>>    #############################################################
>>>>>   This message is sent to you because you are subscribed to
>>>>> the mailing list Lasso [hidden email]
>>>>> Official list archives available at http://www.lassotalk.com
>>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>>> Send administrative queries to  <[hidden email]>
>>>>   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>>>>-- -- --
>>>> Steve Piercy              Website Builder              Soquel, CA
>>>> <[hidden email]>               <http://www.StevePiercy.com/>
>>>>    #############################################################
>>>>   This message is sent to you because you are subscribed to
>>>> the mailing list Lasso [hidden email]
>>>> Official list archives available at http://www.lassotalk.com
>>>> To unsubscribe, E-mail to: <[hidden email]>
>>>> Send administrative queries to  <[hidden email]>
>>>    #############################################################
>>>   This message is sent to you because you are subscribed to
>>> the mailing list Lasso [hidden email]
>>> Official list archives available at http://www.lassotalk.com
>>> To unsubscribe, E-mail to: <[hidden email]>
>>> Send administrative queries to  <[hidden email]>
>>
>>
>>#############################################################
>>
>>This message is sent to you because you are subscribed to
>>the mailing list Lasso [hidden email]
>>Official list archives available at http://www.lassotalk.com
>>To unsubscribe, E-mail to: <[hidden email]>
>>Send administrative queries to  <[hidden email]>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.StevePiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso 8.6.3 and TLS 1.2

stevepiercy
In reply to this post by Mark Palmer
I filed a ticket:
http://www.lassosoft.com/rhinotrac?id=8010

Personally, I've been dropping Lasso 8 in favor of other things
for my clients because support on modern operating systems from
LassoSoft is what it is.
http://www.lassosoft.com/versions

LassoSoft could fix Lasso 8 to use the updated version of
lib_curl on CentOS/RHEL 6+, making an update to AuthorizeNet_AIM moot.

As such, I have no desire as an unpaid volunteer to update
AuthorizeNet_AIM to use a method that shells out and is backward
compatible.  I'll accept pull requests, or I can be hired to do
the labor.
https://github.com/stevepiercy/AuthorizeNet_AIM

--steve


On 3/16/16 at 5:50 PM, [hidden email] (Steve Piercy -
Website Builder) pronounced:

>+1
>
>--steve
>
>
>
>On 3/16/16 at 5:59 PM, [hidden email] (deco rior) pronounced:
>
>>+1
>>
>>>On Mar 16, 2016, at 5:47 PM, Maxwell Klein <[hidden email]> wrote:
>>>
>>>+1
>>>
>>>-Max
>>>
>>>
>>>>On Mar 16, 2016, at 4:04 PM, Kevin Bice <[hidden email]> wrote:
>>>>   Are you interested in rewriting the AuthorizeNet_AIM tag
>>>>for those of us who just can’t
>>seem to move to 9? If not, it is back to work for me, and I
>>assume many others using your custom tag. I would be willing
>>to pay my share.
>>>>.................................
>>>>Kevin Bice
>>>>512-879-1653
>>>>http://fmpweb.com
>>>>.................................
>>>>Web Development and Design
>>>>     On Mar 16, 2016, at 3:55 PM, Steve Piercy - Website
>>>>Builder <[hidden email]>
>>wrote:
>>>>
>>>>>Nope.  See Mark Palmer's original message for the issue.
>>>>>   One alternative solution is to "shell out" and use curl
>>>>>via os_process for Lasso 8,
>>unless LassoSoft releases an update.
>>>>>  --steve
>>>>>   On 3/16/16 at 2:31 PM, [hidden email] (Kevin Bice) pronounced:
>>>>>
>>>>>>I am jumping in to this a little late as I have been away from the list.
>>>>>>It is my understanding that with the Authorize.net update below that you just have to
>>have TLS 1.2 enabled and that you will be PCI compliant since
>>the client will negotiate at the strongest level available
>>between the client and server. I believe that they will try
>>the strongest version first and then rollback until they find
>>a common version. I would think that PayPal would play the
>>same way. If the server turns off TLSv1.0 there should be no
>>problem as long as you are TLSv1.2 capable.
>>>>>>   Please fell free to correct me if you know that I am
>>>>>>wrong so I can get to work on
>>things…  :-)
>>>>>>.................................
>>>>>>Kevin Bice
>>>>>>512-879-1653
>>>>>>http://fmpweb.com
>>>>>>.................................
>>>>>>Web Development and Design
>>>>>>     On Mar 14, 2016, at 2:01 PM, Maxwell Klein
>>>>>><[hidden email]> wrote:
>>>>>>
>>>>>>>Thanks for the heads up on this Mark, seems like I'll be needing a solution for a
>>>>>>handful of Lasso 8.6 site using Authorize.net - they sent this out recently…
>>>>>>>
>>>>>>>>TLS Remediation for PCI DSS Compliance
>>>>>>>>As you may already be aware, new PCI DSS requirements state that all payment
>>systems
>>>>>>must disable TLS 1.0 by 2018. Though we are still finalizing our plans for
>>remediating TLS 1.0 in both sandbox and production, we will be
>>disabling TLS 1.0 in sandbox and production in early 2017.
>>This is to ensure that we are compliant ahead of the PCI date.
>>>>>>>>In addition, we are discussing the possibility of disabling TLS 1.1 at the same
>>time,
>>>>>>because while it is not expressly forbidden, there are enough concerns surrounding
>>it. TLS 1.2 is currently the strongest available protocol, and
>>we strongly urge all merchants and developer partners to use
>>it for their API integrations.
>>>>>>>    Very interested in what other Lasso 8.6'ers are doing
>>>>>>>to keep things working, but a
>>>>>>rebuild of the include_url from Eric sounds ideal.
>>>>>>>  -Max
>>>>>>>
>>>>>>>>On Mar 11, 2016, at 7:27 AM, Mark Palmer <[hidden email]> wrote:
>>>>>>>>Hi Listers,
>>>>>>>>I was about to put a new site live using Lasso 8.6.3 on CentOS 5 when PayPal
>>changed
>>>>>>their SSL setup to require TLS 1.2.
>>>>>>>>So my host Anu (awesome guys) switched me to CentOS 6 where lib_curl apparently
>>>>>>supports TLS 1.2 however it seems Lasso’s include_url can’t request the underlying
>>lib_curl to use TLS 1.2.
>>>>>>>>Is it possible to modify include_url?
>>>>>>>>Anyone have any other ideas.
>>>>>>>>Regards
>>>>>>>>Mark Palmer
>>>>>>>>E: [hidden email]
>>>>>>>>T: 01902 620500 and 01285 610035
>>>>>>>>W: www.pageworks.co.uk
>>>>>>>>#############################################################
>>>>>>>>This message is sent to you because you are subscribed to
>>>>>>>>the mailing list Lasso [hidden email]
>>>>>>>>Official list archives available at http://www.lassotalk.com
>>>>>>>>To unsubscribe, E-mail to: <[hidden email]>
>>>>>>>>Send administrative queries to  <[hidden email]>
>>>>>>>   #############################################################
>>>>>>>  This message is sent to you because you are subscribed to
>>>>>>>the mailing list Lasso [hidden email]
>>>>>>>Official list archives available at http://www.lassotalk.com
>>>>>>>To unsubscribe, E-mail to: <[hidden email]>
>>>>>>>Send administrative queries to  <[hidden email]>
>>>>>>   #############################################################
>>>>>>  This message is sent to you because you are subscribed to
>>>>>>the mailing list Lasso [hidden email]
>>>>>>Official list archives available at http://www.lassotalk.com
>>>>>>To unsubscribe, E-mail to: <[hidden email]>
>>>>>>Send administrative queries to  <[hidden email]>
>>>>>   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>>>>>-- -- --
>>>>>Steve Piercy              Website Builder              Soquel, CA
>>>>><[hidden email]>               <http://www.StevePiercy.com/>
>>>>>   #############################################################
>>>>>  This message is sent to you because you are subscribed to
>>>>>the mailing list Lasso [hidden email]
>>>>>Official list archives available at http://www.lassotalk.com
>>>>>To unsubscribe, E-mail to: <[hidden email]>
>>>>>Send administrative queries to  <[hidden email]>
>>>>   #############################################################
>>>>  This message is sent to you because you are subscribed to
>>>>the mailing list Lasso [hidden email]
>>>>Official list archives available at http://www.lassotalk.com
>>>>To unsubscribe, E-mail to: <[hidden email]>
>>>>Send administrative queries to  <[hidden email]>
>>>
>>>
>>>#############################################################
>>>
>>>This message is sent to you because you are subscribed to
>>>the mailing list Lasso [hidden email]
>>>Official list archives available at http://www.lassotalk.com
>>>To unsubscribe, E-mail to: <[hidden email]>
>>>Send administrative queries to  <[hidden email]>
>>
>>
>>#############################################################
>>
>>This message is sent to you because you are subscribed to
>>the mailing list Lasso [hidden email]
>>Official list archives available at http://www.lassotalk.com
>>To unsubscribe, E-mail to: <[hidden email]>
>>Send administrative queries to  <[hidden email]>
>
>-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>Steve Piercy              Website Builder              Soquel, CA
><[hidden email]>               <http://www.StevePiercy.com/>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.StevePiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>