Re: httpd vs TLS

To: Martin Husemann <martin%duskware.de@localhost>, tr%vispaul.me@localhost, tech-security%netbsd.org@localhost
Subject: Re: httpd vs TLS
From: Mateusz Kocielski <shm%digitalsun.pl@localhost>
Date: Thu, 17 Mar 2016 20:30:06 +0000

On Thu, Mar 17, 2016 at 03:48:49PM +0100, Thomas Klausner wrote:
> On Thu, Mar 17, 2016 at 03:42:39PM +0100, Martin Husemann wrote:
> > On Thu, Mar 17, 2016 at 03:36:29PM +0100, Thomas Klausner wrote:
> > > No, I want wip.pkgsrc.org to be reachable with https by default.
> > > I can't ask everyone to change their browser.
> > 
> > My Firefox uses TLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.2
> > when talking to wip.pkgsrc.org.
> > 
> > Why would a -current httpd not provide that?
> > 
> > Thomas, could you run the -current binary on a different port so others
> > can examine this issue more closely?
> 
> Sure, I've started one on port 4443.
> 
> https://wip.pkgsrc.org:4443/cgi-bin/gitweb.cgi

Hi there,

 I've done quick tests using ssllabs (https://www.ssllabs.com/), here's a
part of the report: http://www.netbsd.org/~shm/bozo-ssl.txt . It shows that
older browsers have troubles in connecting to bozo as it's current
configuration is too restrictive.

 Regards,
 Mateusz

Follow-Ups:
- Re: httpd vs TLS
  - From: tr

References:
- httpd vs TLS
  - From: Thomas Klausner
- Re: httpd vs TLS
  - From: tr
- Re: httpd vs TLS
  - From: Thomas Klausner
- Re: httpd vs TLS
  - From: Martin Husemann
- Re: httpd vs TLS
  - From: Thomas Klausner

Prev by Date: Re: httpd vs TLS
Next by Date: Re: httpd vs TLS
Previous by Thread: Re: httpd vs TLS
Next by Thread: Re: httpd vs TLS
Indexes:

Home | Main Index | Thread Index | Old Index