TLS website test - ssllabs.com - provider in Switzerland: Difference between revisions
(→A) |
m (Tobiasco moved page Ssllabs.com - ssltest - provider in Switzerland to TLS website test - ssllabs.com - provider in Switzerland) |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==Overview== | ==Overview== | ||
[[SSL]]-testing started 2015-04-25. More providers might be added later. | [[SSL]]-testing started 2015-04-25. More providers might be added later. | ||
See also [[Provider in Switzerland]]. | |||
===Cipher Strength=== | ===Cipher Strength=== | ||
* hosteurope.ch has Cipher Strength 100 but since only few ciphers are supported it might be difficult for some clients to get access. "Handshake Simulation" shows six times "Fail". | * hosteurope.ch has Cipher Strength 100 but since only few ciphers are supported it might be difficult for some clients to get access. "Handshake Simulation" shows six times "Fail". | ||
* [[Ssllabs.com - ssltest - banks]] shows 90 for sbroker which is rated A+. | * [[Ssllabs.com - ssltest - banks]] shows 90 for sbroker which is rated A+. | ||
== A+ == | == A+ == | ||
Line 11: | Line 14: | ||
Certificate 100 | Certificate 100 | ||
Protocol Support 95 | Protocol Support 95 | ||
Key Exchange | Key Exchange 90 | ||
Cipher Strength 100 | Cipher Strength 100 | ||
Line 17: | Line 20: | ||
This server supports HTTP Strict Transport Security with long duration. Grade set to A+. | This server supports HTTP Strict Transport Security with long duration. Grade set to A+. | ||
== A | |||
* https://www.ssllabs.com/ssltest/analyze.html?d=protonmail.com&s=185.70.40.189 | |||
Grade A+ | |||
Certificate 100 | |||
Protocol Support 95 | |||
Key Exchange 90 | |||
Cipher Strength 90 | |||
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | |||
This server supports HTTP Strict Transport Security with long duration. Grade set to A+. | |||
* https://www.ssllabs.com/ssltest/analyze.html?d=kolabnow.com | * https://www.ssllabs.com/ssltest/analyze.html?d=kolabnow.com | ||
Grade A | Grade A+ | ||
Certificate 100 | Certificate 100 | ||
Protocol Support 95 | Protocol Support 95 | ||
Key Exchange | Key Exchange 90 | ||
Cipher Strength 90 | Cipher Strength 90 | ||
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | ||
This server supports HTTP Strict Transport Security with long duration. | This server supports HTTP Strict Transport Security with long duration. Grade set to A+. | ||
* https://www.ssllabs.com/ssltest/analyze.html?d= | == A == | ||
* https://www.ssllabs.com/ssltest/analyze.html?d=4host.ch | |||
Grade A | Grade A | ||
Certificate 100 | Certificate 100 | ||
Line 34: | Line 46: | ||
Key Exchange 80 | Key Exchange 80 | ||
Cipher Strength 90 | Cipher Strength 90 | ||
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | ||
This server supports HTTP Strict Transport Security with long duration. | |||
* https://www.ssllabs.com/ssltest/analyze.html?d= | * https://www.ssllabs.com/ssltest/analyze.html?d=hostpoint.ch | ||
Grade A | Grade A | ||
Certificate 100 | Certificate 100 | ||
Line 43: | Line 56: | ||
Key Exchange 80 | Key Exchange 80 | ||
Cipher Strength 90 | Cipher Strength 90 | ||
Intermediate certificate has a weak signature. Upgrade to SHA2 as soon as possible to avoid browser warnings. | |||
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. | ||
== B == | == B == |
Latest revision as of 2017-09-07T01:57:29
Overview
SSL-testing started 2015-04-25. More providers might be added later.
See also Provider in Switzerland.
Cipher Strength
- hosteurope.ch has Cipher Strength 100 but since only few ciphers are supported it might be difficult for some clients to get access. "Handshake Simulation" shows six times "Fail".
- Ssllabs.com - ssltest - banks shows 90 for sbroker which is rated A+.
A+
Grade A+ Certificate 100 Protocol Support 95 Key Exchange 90 Cipher Strength 100 This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. This server supports HTTP Strict Transport Security with long duration. Grade set to A+.
Grade A+ Certificate 100 Protocol Support 95 Key Exchange 90 Cipher Strength 90 This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. This server supports HTTP Strict Transport Security with long duration. Grade set to A+.
Grade A+ Certificate 100 Protocol Support 95 Key Exchange 90 Cipher Strength 90 This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. This server supports HTTP Strict Transport Security with long duration. Grade set to A+.
A
Grade A Certificate 100 Protocol Support 95 Key Exchange 80 Cipher Strength 90 This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks. This server supports HTTP Strict Transport Security with long duration.
Grade A Certificate 100 Protocol Support 95 Key Exchange 80 Cipher Strength 90 Intermediate certificate has a weak signature. Upgrade to SHA2 as soon as possible to avoid browser warnings. This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.
B
Grade B Certificate 100 Protocol Support 95 Key Exchange 90 Cipher Strength 90 This server accepts the RC4 cipher, which is weak. Grade capped to B. The server does not support Forward Secrecy with the reference browsers.
Grade B Certificate 100 Protocol Support 70 Key Exchange 100 Cipher Strength 90 The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B.
Grade B Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B. The server does not support Forward Secrecy with the reference browsers.
Grade B Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 Intermediate certificate has a weak signature. Upgrade to SHA2 as soon as possible to avoid browser warnings. The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. There is no support for secure renegotiation. The server does not support Forward Secrecy with the reference browsers.
C
Grade C Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C. The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. The server does not support Forward Secrecy with the reference browsers. This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.
Grade C Certificate 100 Protocol Support 70 Key Exchange 80 Cipher Strength 90 This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C. The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B. The server does not support Forward Secrecy with the reference browsers. This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.