[Ach] FYI: nginx Ciper Suite Testergebnissse
L. Aaron Kaplan
kaplan at cert.at
Thu Nov 14 17:56:53 CET 2013
On Nov 14, 2013, at 5:53 PM, christian mock <cm at coretec.at> wrote:
> On Tue, Nov 12, 2013 at 04:37:24PM +0100, Pepi Zawodsky wrote:
>>
>>>> https://www.ssllabs.com/ssltest/analyze.html?d=maclemon.at
>>> Wenn https://maclemon.at die Testadresse
>>
>> Looks like we're hitting a pattern.
>> 2.3.x cannot connect successfully.
>> 4.x work fine.
>>
>> In MY test 2.2.3 could not connect, but that is likely due to MY setup! Adi suggested, that this release should be able to connect.
>>
>> Here's a list of supported ciphers in Android 4.2.2
>> http://pastebin.com/uy9VXJnK
>>
>> I hope to get more details on 2.3 and older releases of Android.
>
> As discussed yesterday, I'll fire up all available versions of android
> in the emulator over the weekend, and will generate the list of
> supported ciphers for each.
>
> I'll also try to get a "debugging" server coded, so that one can
> connect to it and get a nicely formatted list of the ciphersuites the
> client supports.
Ahm, what about this?
https://www.ssllabs.com/ssltest/viewMyClient.html
>
> (This is primarily because I'm a virtuous[0] sysadmin and want to
> automate the android task, and I got as far as calling the default
> browser with a target URL, but found no way to get the damn HTML out
> of the browser. Second reason: we'll need to gather data on other
> clients too, mail, XMPP, etc)
>
> cm.
>
> [0] a.k.a. "lazy" ;-)
>
> --
> Christian Mock Wiedner Hauptstr. 15
> Senior Security Engineer 1040 Wien
> CoreTEC IT Security Solutions GmbH +43-1-5037273
> FN 214709 z
>
> .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
> CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
>
> http://heise.de/-1260559
>
> .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
---
// L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
// CERT Austria - http://www.cert.at/
// Eine Initiative der nic.at GmbH - http://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131114/0c1b261d/attachment.sig>
More information about the Ach
mailing list