Mailinglist Archive: opensuse (1355 mails)

< Previous Next >
[opensuse] Re: weird error on opensuse site following an advert: new encryption only on suse?
David C. Rankin wrote:
Ah, but I digress. Either the suse.com has received some TLC in the past 24
hours, or I was lucky enough to avoid the problem (though I have javascript
blocked with NoScript and Ublock-Origin preventing the other half of the mix.)
----
It has to do with my following recommendations from ssllabs.com
who, among other sites, cited: https://community.qualys.com/thread/18086-authenticated-encryption-cipher-suites

where it says 'RSA' is vulnerable to a specific type of attack and recommends it be turned off to achieve a higher security grade.
They have a list of recommended TLS ciphers.

If I add back at least 1 of the RSA ciphers, then my browser
will go through because the both the forums.opensuse.org and
suse.com sites only use the lower grade RSA ciphers.

Many (probably Most) still enable the lower security ciphers for
compatibility with sites like opensuse's, that have not yet changed.

p.s. -- if you want me to see what you wrote in reasonable
time frame, please make sure to send a copy to me as well
as to the list. Copies to the list go to a list mailbox, while copies to me go to a more personal mailbox which gets seen
more often. List mailboxes may not get seen for weeks
and sometimes large numbers of messages are skipped over when
I get back to them. It depends on how much extra time I have.
When busy, such a system enables me to prioritize communications.



--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >