[Cryptography] TLS 1.0, Diffie-Hellman, RSA, AES128 CBC, SHA seriously qualified as «broken»?
Mike
the.lists at mgm51.com
Sun Aug 30 09:56:24 EDT 2020
On 8/29/2020 5:16 PM, Thierry Moreau wrote:
> Hi,
>
> [snip]
> In essence, it appears to work as intended.
>
> The Firefox version 76.0.1 reported «TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
> 128 bit keys, TLS 1.0» as the technical details for the security of the
> web page.
>
> In essence, it appears to work as intended ... but
>
> The firefox browser qualifies this as «broken encryption». «Your
> connection to this website uses weak encryption and is not private.
> Other people can view your information or modify the website's behavior.
> Information sent over the Internet without encryption can be seen by
> other people while it is in transit.»
>
> And the security icon on the left of the URL entry field is yellow.
>
> Then what?
> [snip]
I find this site to be a good starting point. It provided me with
enough of an understanding that I knew what I needed to look into and
research more deeply. YMMV. :)
https://wiki.mozilla.org/Security/Server_Side_TLS
More information about the cryptography
mailing list