[Cryptography] TLS 1.0, Diffie-Hellman, RSA, AES128 CBC, SHA seriously qualified as «broken»?
the.lists at mgm51.com
Sun Aug 30 09:56:24 EDT 2020
On 8/29/2020 5:16 PM, Thierry Moreau wrote:
> In essence, it appears to work as intended.
> The Firefox version 76.0.1 reported «TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
> 128 bit keys, TLS 1.0» as the technical details for the security of the
> web page.
> In essence, it appears to work as intended ... but
> The firefox browser qualifies this as «broken encryption». «Your
> connection to this website uses weak encryption and is not private.
> Other people can view your information or modify the website's behavior.
> Information sent over the Internet without encryption can be seen by
> other people while it is in transit.»
> And the security icon on the left of the URL entry field is yellow.
> Then what?
I find this site to be a good starting point. It provided me with
enough of an understanding that I knew what I needed to look into and
research more deeply. YMMV. :)
More information about the cryptography