Closed
Bug 1116961
Opened 9 years ago
Closed 9 years ago
mozilla.org and addons.mozilla.org do not provide any Diffie–Hellman ciphers
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Infrastructure & Operations Graveyard
WebOps: Other
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 901035
People
(Reporter: moz, Unassigned)
Details
DH ciphers are useful for several reasons, e.g. forward security and that they are less vulnerable against e.g. the Bleichenbacher attack on SSL/TLS. Because of this Mozilla's websites should provide DH ciphers. I only found this on mozilla.org and addons.mozilla.org, I don't know whether other sites are affected too.
Assignee: infra → server-ops-webops
Component: Infrastructure: Other → WebOps: Other
QA Contact: jdow → nmaul
Comment 1•9 years ago
|
||
Thanks for the report. We track the ciphers configurations of our websites closely. Mozilla.org provides DHE ciphers: $ ./cipherscan mozilla.org ...... Target: mozilla.org:443 prio ciphersuite protocols pfs_keysize 1 DHE-RSA-AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 2 DHE-RSA-AES256-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 3 AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 4 AES256-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 5 DES-CBC3-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 Certificate: trusted, 2048 bit, sha1WithRSAEncryption signature TLS ticket lifetime hint: None OCSP stapling: supported Server side cipher ordering AMO & Marketplace do not because of technological reasons. Bug 901035 already tracks the issue for these sites, so I'm marking this bug as a duplicate.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(jvehent)
Resolution: --- → DUPLICATE
Updated•5 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•