howsmyssl
howsmyssl copied to clipboard
jmhodges
The web app running howsmyssl.com
Cipher Suites for TLS (less than) 1.2 need to indicate "Weak" or "Forward Secrecy" (RE : SSL Labs)
Cipher Suites for TLS (less than) 1.2 need to indicate "Weak" or "Forward Secrecy" (RE : SSL Labs) https://www.ssllabs.com/ssltest/viewMyClient.html#1531504937607&frame_loaded Cipher Suites (in order of preference) TLS_GREASE_8A (0x8a8a) - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)...
Currently, just defining it in client_info.go
After this revelations. https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/ it would be probably a good idea to add a warning for this as suggested by: https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH
Given the recent Logjam announcement it would be helpful to understand the maximum DH Parameter size supported by each tested client. The current recommendation is to use 2048 bit DH...
Even though this is aimed at client-side SSL, and Heartbleed attention has been focused on vulnerable servers, client-side attacks are a real thing: http://blog.meldium.com/home/2014/4/10/testing-for-reverse-heartbleed
(Originally mentioned in issue 4, but that's been closed with provision of server support for secure renegotiation, which is reasonable.) The webapp should report whether the connected client supports [RFC...
I'm working on adding wolfSSL support to the ESP-TLS layer in the Espressif ESP-IDF as noted in https://github.com/espressif/esp-idf/issues/13966. While attempting to update the [HTPS Example](https://github.com/espressif/esp-idf/tree/master/examples/protocols/esp_http_client) to use _only_ TLS 1.3,...
