Skip to content
This repository has been archived by the owner on May 11, 2022. It is now read-only.

SSL and STARTTLS Forward Secrecy #87

Open
dcposch opened this issue Dec 2, 2013 · 1 comment
Open

SSL and STARTTLS Forward Secrecy #87

dcposch opened this issue Dec 2, 2013 · 1 comment

Comments

@dcposch
Copy link
Owner

dcposch commented Dec 2, 2013

Just in case.

Also, from the Open Technology Fund survey:

If StartTLS is supported, do you enable ciphers that are 
not-forward secret or have fewer than 128 bits?

We should not.

@AndrewTheLott
Copy link

According to SSL Report: scramble.io (173.255.244.90) assessed on: Tue Jan 13 06:50:36 PST 2015

  • Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2.
  • This server's certificate chain is incomplete. (see Your SSL certificate is broken #105 for this one)
  • This server accepts the RC4 cipher, which is weak.

On the plus side, Forward Secrecy & HSTS are enabled.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants