On 2020/02/01 12:39, George Rosamond wrote:
> ping
>
>
> -------- Forwarded Message --------
> Subject: NEW security/ssllabs-scan
> Date: Wed, 22 Jan 2020 23:16:43 -0500
>
> Attached is the port for SSLLabs.com API written in golang. From pkg/DESCR:
>
> This tool is a command-line client for the SSL Labs APIs, designed
> for automated and/or bulk testing.
>
> SSL Labs API expose the complete SSL/TLS server testing functionality
> in a programmatic fashion, allowing for scheduled and bulk assessment.
> They are making their API available to encourage site operators to
> regularly test servers configurations.
>
> /quote
>
> While the license is Apache2
> (https://github.com/ssllabs/ssllabs-scan/blob/master/LICENSE), the terms
> of use (https://www.ssllabs.com/about/terms.html) contains some
> restrictions under the API section that I'm not sure if it's legit for
> inclusion in OpenBSD's ports (https://www.ssllabs.com/about/terms.html).
>
> Thanks
>
> g
>
---snip------------------------
You are allowed to:
(i) use the API only to inspect only sites and servers whose owners have
given you permission to do so;
---snip------------------------
---snip------------------------
You are not allowed, without our express permission, to:
(i) use the API for commercial purposes;
(ii) use the API on a public web site;
(iii) publish any information received from us via the APIs without the
owner's express permission;
(iv) distribute, proxy, or otherwise make the API available for access
or use by any person or entity other than your authorized employees,
including but not limited to acting as a service bureau or developing a
competing product or service offering.
---snip------------------------
If it goes in, it will need some strong warnings. But I'm not sure it's
worth it.
No comments:
Post a Comment