-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cipher_suites table on wiki may no longer be generated automatically, and therefore stale. #247
Comments
To address one point only, that username changed a while ago; the corrected
URL would, assuming it’s broken for just the rename and no other reason, be:
https://github.com/april/tls-table/blob/master/tls-table.py
…On Thu, May 16, 2019 at 17:07 charlesmanser ***@***.***> wrote:
https://wiki.mozilla.org/Security/Server_Side_TLS#Cipher_suites states
that the table is automatically generated via
https://github.com/marumari/tls-table/blob/master/tls-table.py. That
returns a 404, not found error.
The table may be stale now. It seems to recommend
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 as intermediate; however, sections like
"Intermediate compatibility (default)" and
https://statics.tls.security.mozilla.org/server-side-tls-conf.json do not
recommend CBC-based ciphers.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#247?email_source=notifications&email_token=AAAWUDAT4HY22VSWIAEL5DDPVXZMVA5CNFSM4HNRBQL2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4GUJLGTA>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAAWUDFK673LSU77DUWHTYLPVXZMVANCNFSM4HNRBQLQ>
.
|
It was always generated manually, and it uses the cipher suites on the wiki page, not the JSON (which I'm not sure existed at the time). It has been updated, but I'm keeping this open until everything is synced. |
For example, when I check out https://wiki.mozilla.org/Security/Cipher_Suites, I see green highlighted TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384; however, https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility does not list any CBC/-cbc- ciphers. |
Should be updated now with v5.7 — although manually as seen in #296 Issues with generating by |
https://wiki.mozilla.org/Security/Server_Side_TLS#Cipher_suites states that the table is automatically generated via https://github.com/marumari/tls-table/blob/master/tls-table.py. That returns a 404, not found error.
The table may be stale now. It seems to recommend TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 as intermediate; however, sections like "Intermediate compatibility (default)" and https://statics.tls.security.mozilla.org/server-side-tls-conf.json do not recommend CBC-based ciphers.
The text was updated successfully, but these errors were encountered: