Win2000やXPのIEでfreakattackの検証サイトに接続できない件
Tracking the FREAK Attack
なぜかIEだと接続できないので、 TestSSLServerで調べてみた
今どき、XPや2000でIE使ってる人はいないと思いますが…一応ね・ω・
| Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites (ORDER IS NOT SIGNIFICANT): TLSv1.0 DHE_RSA_WITH_AES_128_CBC_SHA <- Firefox のみ DHE_RSA_WITH_AES_256_CBC_SHA <- Firefox のみ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA <- Vista 以降 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA <- Vista 以降 (TLSv1.1: idem) TLSv1.2 DHE_RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA256 DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ---------------------- Server certificate(s): 2f4bf0ec1c4ae9f32597aa4ba2bb34556301efc4: CN=*.freakattack.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated ---------------------- Minimal encryption strength: strong encryption (96-bit or more) Achievable encryption strength: strong encryption (96-bit or more) BEAST status: vulnerable CRIME status: protected |
参考
TLS/SSL の暗号利用に関する現状と課題について
ああ、これは見れるわけないですね
ちなみに、こっちのサイトが見れたらアウト
| Supported versions: SSLv3 TLSv1.0 TLSv1.1 Deflate compression: no Supported cipher suites (ORDER IS NOT SIGNIFICANT): SSLv3 RSA_WITH_RC4_128_SHA RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 (TLSv1.0: idem) (TLSv1.1: idem) ---------------------- Server certificate(s): 2f4bf0ec1c4ae9f32597aa4ba2bb34556301efc4: CN=*.freakattack.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated ---------------------- Minimal encryption strength: strong encryption (96-bit or more) Achievable encryption strength: strong encryption (96-bit or more) BEAST status: vulnerable CRIME status: protected |
Translate
Comments