-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Test whether the world is ready for security.ssl.require_safe_negotiation -> true #237
Comments
Seems like one of the many implementations that web admins tend to ignore: |
It's not a matter of configuration, but upgrading the underlying TLS library to a version that supports RFC5746. |
At least www.vmware.com is not ready
|
World doesn't seem ready yet, as RFC is actually supported by OpenSSL and others, but it's rarely implemented on the mail and webservers? On Thunderbird: |
I know this is ancient but just adding that this broke Hulu login (auth.hulu.com) for me. 😞 |
Blame Hulu admins. |
@Atavic oh yes, to be clear I'm definitely not blaming you guys! I'm just sad that some of the biggest websites are still way behind on implementing this almost two years later. |
identify.nordea.com not ready :( 15.4.2024: Secure Renegotiation Supported |
tools.cisco.com not ready. |
caterpillar.com 15.4.2024: Works |
https://support-us.samsung.com/ 15.4.2024: SSL_ERROR_UNSAFE_NEGOTIATION |
Needs to be toggled when logging into https://www.verizon.com/, for https://ssoauth.verizon.com. |
These seem to work now. |
No description provided.
The text was updated successfully, but these errors were encountered: