Versions Compared

Version Old Version 1 New Version Current
Changes made by

Małgorzata Woźniak

Janina Mincer-Daszkiewicz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Levels of estimated error severity.

If an error is present in the context of an API (or endpoint), it applies only to that API (or endpoint).

Status
colourRed
titleCritical

This severity level implies that the process always/usually works badly.

Status
colourYellow
titleMAJOR

This severity level implies that the process works badly in some cases.

Status
colourPurple
titleMEDIUM

This flaw results in unfavorable behavior but the system remains functioning.

Status
colourBlue
titleLOW

This type of flaw won’t cause any major breakdown in the system.

...

Panel
panelIconId203c
panelIcon:bangbang:
panelIconText‼️
bgColor#FFEBE6

List of identified issues in this category (click on the title to show details)

Expand
titleNET-001: Incomplete SSL certificate chain

Description

A website with this SSL misconfiguration might work fine in the browser, but it won't work for clients that do not support AIA Fetching, e.g. in Python. The error can be reproduced with `curl`, it will return error: "curl: (60) SSL certificate problem: unable to get local issuer certificate".

Estimated severity

Status
colourRed
titleCritical

Examples

 

Suggested action

Test your website on https://www.ssllabs.com/ssltest/index.html. Configure properly your webserver.

How communicated

Monitoring system

11 HEIs (6 providers) in PROD, 9 HEIs (7 providers) in DEV

Expand
titleNET-002: Expired SSL certificate

Description

Expired SSL certificate

Estimated severity

Status
colourRed
titleCritical

Examples

 

Suggested action

The certificate needs to be renewed

How communicated

Monitoring system

At least 3 HEIs (2 providers) in PROD, 39 HEIs (9 providers) in DEV