The Endpoint Encryption Score measures your entity's adherence to Baseline Expectation's requirement that all entity (IdP and SP) service endpoints must be secured with current and trustworthy transport layer encryption.
A score of A or better indicates that the connection endpoints registered within your entity are protected with current and sufficiently strong transport layer encryption. A score of B or worse means there are serious vulnerabilities, and that you need to take action to remediate the defects.
InCommon employs the SSL Encryption assessment methodology published in the SSL Labs SSL Server Rating Guide. The rating defined in this guide is also used in Qualys' SSL Labs SSL Server Test tool. It offers a convenient way for you to test your servers.
We perform periodic, scheduled tests of all entities registered in the InCommon Federation. Each endpoint in your entity is measured independently. The score displayed on your entity page reflects the lowest score measured within that entity. For example, if your entity displays a B, that means all endpoints of that entity received a score of B or better.
The score you see above your entity page indicates the result from our most recent test. Because the testing does not happen in real time, the displayed score may not match the result you receive from a more recent test you've conducted.
To facilitate bulk testing, we use the SSL testing tool (downloadable at https://testssl.sh/).
The Qualys' SSL Labs SSL Server Test tool provides detailed explanation of a server's test result. It also provides links to remediation options. We recommend testing your endpoints using that tool to find out more.
"Not available" indicates that we have not been able to successfully complete at least one test of all endpoints in your entity. This may be due to a number of reasons. For example,
Can't find what you are looking for?