TLS website test - ssllabs.com - provider in Switzerland: Difference between revisions
No edit summary |
(→C) |
||
Line 50: | Line 50: | ||
Key Exchange 80 | Key Exchange 80 | ||
Cipher Strength 90 | Cipher Strength 90 | ||
This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C. | |||
The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. | |||
The server does not support Forward Secrecy with the reference browsers. MORE INFO » | |||
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. |
Revision as of 2015-04-25T16:58:24
A+
Grade A+ Certificate 100 Protocol Support 95 Key Exchange 80 Cipher Strength 90 This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. This server supports HTTP Strict Transport Security with long duration. Grade set to A+
A
Grade A Certificate 100 Protocol Support 95 Key Exchange 80 Cipher Strength 90 Intermediate certificate has a weak signature. Upgrade to SHA2 as soon as possible to avoid browser warnings. This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.
B
Grade B Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B. The server does not support Forward Secrecy with the reference browsers.
Grade B Certificate 100 Protocol Support 95 Key Exchange 90 Cipher Strength 90 This server accepts the RC4 cipher, which is weak. Grade capped to B. The server does not support Forward Secrecy with the reference browsers.
C
Grade C Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C. The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. The server does not support Forward Secrecy with the reference browsers. MORE INFO » This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.