Library Freedom Project is looking for people who can help libraries with HTTPS


#1

The Library Freedom Project is asking libraries and publishers that provide digital information services in libraries to pledge to implement HTTPS over the next year. See https://libraryfreedomproject.org/ourwork/digitalprivacypledge/

Many smaller libraries are worried that they don’t have and can’t afford the technical expertise to do this implementation. A few developers have written to us expressing their willingness to help out, but we’d like to be ready in case LOTS of libraries need this sort of help.

If you’d like to volunteer, send us an email at pledge@libraryfreedomproject.org We’ll be explaining to libraries the risks of working with people they don’t know, so be sure to explain who you are and where you are.

The ideal situation is if you can help a library you already have a relationship with, so if your library isn’t on HTTPS, send the URL above to the libraries director.

Eric Hellman (a volunteer for LFP)


#2

This is awesome, thank you so much for organizing volunteers! I’m a big fan of The Library Freedom Project, and I’m glad that Let’s Encrypt will help deploy HTTPS at libraries.

Please make sure that folks who volunteer are able to provide continuing support and check in at certificate reissuance times (every 90 days), at least for the first year or so. We will be updating the protocol and the client, and while we intend to have clients auto-update, that’s not yet fully implemented. I would hate to see a library burned by HTTPS because their certificate expired and they did not know how to fix it.

Also, I’d recommend that any volunteer set up the Let’s Encrypt account with at least two email addresses for expiry notifications: their own, and the library IT administrator’s. This is supported on the server side, and I just filed an issue to support it on the client side.


#3

I am unclear as to the nature of the volunteer effort. Are you seeing developer volunteers to write HTTP code or do the libraries need help installing and configuring certificates?

Khürt L. Williams


#4

Jacob’s suggestions are really good. To be clear, the Library Freedom Project isn’t looking for people to do any coding. Helping smaller libraries to understand how to configure their servers properly is the concern that some libraries have expressed to us.


#5

Thanks for the follow-up @gluejar. I have reached out the library orgranization as well as the lcoal library.