From owner-freebsd-security@FreeBSD.ORG Thu May 14 10:44:23 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C3B52ACB for ; Thu, 14 May 2015 10:44:23 +0000 (UTC) Received: from rack.patpro.net (rack.patpro.net [193.30.227.216]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "patpro.net", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 83EF01141 for ; Thu, 14 May 2015 10:44:23 +0000 (UTC) Received: from [192.168.0.2] (boleskine.patpro.net [82.230.142.222]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by rack.patpro.net (Postfix) with ESMTPSA id C6EA9E71; Thu, 14 May 2015 12:44:20 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=patpro.net; s=201504-3edeac90; t=1431600260; bh=rzAdlcnOdc8zlHkRNJ+zRH0Cnzmpe4yUVSP09LH+s9w=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=crStgel2xnJEov1zBK9HpZ6PkCTE84ifixcDIHW6hybtMicaT7UVthrrOjC2Z4fMe DR1Ld3+xP85GV8yinKe+G9NxqeJ1+HOAFkdvTN4IX6FXgJVhSP6+ckqriOxzPQr9qa 1DiHoFbQn9+HIfA0pv8OucG3Ligfw5UPdmC1n+oytjoUG/Ob+qzuv5r0cVC094fzkT Igmvu/umQz9KG/KVG7E5Co8We5CuERLHAgHqGoMhVaXqOqtNn8foh9NiGMiqVdMA2B fHgrPmUS6MAKo2jFxsf5jeutL/yX8fUlylvgvbm3rkV4c0sN4BLAf000dQXevDuMvV uGeUZWXiMFsvYVbWnm8q+gtTCUFFXAcUTH1lWgHRG0PuD3llEH73N1ep9qPaSV8dxk llWbJiwdVVIGO3924eAGKp7ChihZfIYcOeCnU75gTcahvLPjD4ex6WQivgzghpSMKS L4N1Kt7lSjStNXRAfiRjtW7pB5exmeRK+erHYnoLu3mW453uHC/aH2BVbLuwKD5SD+ LlewZ2c+dI+OR6BJyyxi++1Pjg5UdBwgubwAVeRFsGMhpXVHvZ6TqZdrw8x3RECcKN mF/JGtk5y7Hs+m/6tObIbWq/gIA9KS4nZKIVNuuDmACQmEL30AbAbuz8r7Aw8phiW/ kIWMXpbUrL4Qsx03w7ELTWCc= Subject: Re: Forums.FreeBSD.org - SSL Issue? Mime-Version: 1.0 (Apple Message framework v1085) Content-Type: text/plain; charset=us-ascii From: Patrick Proniewski In-Reply-To: <20150514193706.V69409@sola.nimnet.asn.au> Date: Thu, 14 May 2015 12:44:20 +0200 Cc: Liste FreeBSD-security Content-Transfer-Encoding: quoted-printable Message-Id: References: <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com> <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net> <20150514193706.V69409@sola.nimnet.asn.au> To: Ian Smith X-Mailer: Apple Mail (2.1085) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 May 2015 10:44:23 -0000 On 14 mai 2015, at 12:02, Ian Smith wrote: > Well, I can't reach https://forums.freebsd.org/ at all at the moment, = my=20 > (admittedly ancient, on 8.2) SeaMonkey now consistenly reports: >=20 > "Data Transfer Interrupted > The connection to forums.freebsd.org has terminated unexpectedly. Some=20= > data may have been transferred." looks like your browser/OS does not support TLS 1.2. > I checked 'forums.freebsd.org' at=20 > https://www.ssllabs.com/ssltest/analyze.html?d=3Dforums.freebsd.org = which=20 > is currently showing: "The server supports only older protocols, but = not=20 > the current best TLS 1.2. Grade capped to B." I've printed the report as PDF: http://patpro.net/~patpro/SSL-Server-Test-forums.freebsd.org.pdf You can see what I see : grade A+, TLS 1.2 only, hence poor support for = old browser (more like old openssl) regards, patpro=