This just in....
NOUS42 KWNO 271712
ADMNFD
SENIOR DUTY METEOROLOGIST NWS ADMINISTRATIVE MESSAGE
NWS NCEP CENTRAL OPERATIONS COLLEGE PARK MD
1712Z TUE FEB 27 2018
WEB SERVICE CHANGES FOR NCO STARTING AT 28/1500Z...
Removal of Weak Ciphers from NCEP Web Sites
As required by US Department of Homeland Security Binding
Operational Directive 18-01, NCEP/NCO will be making changes to
the underlying protocols that are used to access our public and
internal web sites. For web sites, the directive addresses
enforcement of secure HTTPS protocols for all access.
These changes will include:
Enabling HTTPS for sites that were previously HTTP-only
Redirecting HTTP traffic for all sites to the respective
HTTPS counterpart
Restricting HTTPS handshakes to Cipher suites that are known
to be secure.
Enabling a configuration that marks the affected sites for
HTTPS Strict Transport Security (HSTS)
The potential impacts that have been identified include:
Scripts that are attempting to connect to the HTTP service
that do not honor the redirect to HTTPS will fail.
Scripts or applications that do not support HTTPS protocols
will be unable to connect.
Browsers that do not support secure ciphers may be unable to
connect (we believe that this would only affect browsers that are
already obsolete, but that does not mean that they are not
possibly still in-use. Example: IE8 on Windows XP)
Users who have restrictive firewall rules at their side that
do not permit access to the HTTPS service may be unable to
connect.
Please be aware that all of the changes above are, in addition to
being mandated by DHS, considered ā??best practiceā?? in network
security and privacy. For more information on the transition to
HTTPS-only, please see
https://https.cio.gov/