[Cryptography] TLS 1.0, Diffie-Hellman, RSA, AES128 CBC, SHA seriously qualified as «broken»?

Mike the.lists at mgm51.com
Sun Aug 30 09:56:24 EDT 2020

On 8/29/2020 5:16 PM, Thierry Moreau wrote:
> Hi,
> [snip]
> In essence, it appears to work as intended.
> The Firefox version 76.0.1 reported «TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 
> 128 bit keys, TLS 1.0» as the technical details for the security of the 
> web page.
> In essence, it appears to work as intended ... but
> The firefox browser qualifies this as «broken encryption». «Your 
> connection to this website uses weak encryption and is not private. 
> Other people can view your information or modify the website's behavior. 
> Information sent over the Internet without encryption can be seen by 
> other people while it is in transit.»
> And the security icon on the left of the URL entry field is yellow.
> Then what?
> [snip]

I find this site to be a good starting point.  It provided me with
enough of an understanding that I knew what I needed to look into and
research more deeply.  YMMV.  :)


More information about the cryptography mailing list