libreplanet-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libreplanet-discuss] Bad SSL of the program and registration page


From: Benjamin Grimm-Lebsanft
Subject: [libreplanet-discuss] Bad SSL of the program and registration page
Date: Thu, 05 Feb 2015 17:12:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0

Hi there,

I don't know if someone already mentioned this, but the SSL used on the
program and registration page seems very unsafe. The SSLeuth addon for
firefox rates it 4.7 out of 10. Points are:

Bulk-cipher: RC4-128 bits (Considered unsafe)
HMAC: SHA-1 (Reportedly weak)
No perfect forward privacy

Also there's no extended validation but I guess we don't have to waste
money on SSL certs. Still, I'd like the admins to consider tweaking the
server with this:
https://cipherli.st/

Thanks and best regards
Benjamin

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]