Am 2024-02-29 13:46, schrieb Viktor Dukhovni via Postfix-users:
On Thu, Feb 29, 2024 at 06:36:09AM -0500, Scott Hollenbeck wrote:
> What do you consider weak? All of the anonymous Diffie-Hellman suites with an "F" score. How can eliminate the following:Who's assigning the "F" scores?
Nmap is telling this about the scores: ---snip---Each ciphersuite is shown with a letter grade (A through F) indicating the strength of the connection. The grade is based on the cryptographic strength of the key exchange and of the stream cipher. The message integrity (hash)
algorithm choice is not a factor. The output line beginning with<code>Least strength</code> shows the strength of the weakest cipher offered. The scoring is based on the Qualys SSL Labs SSL Server Rating Guide, but does not take protocol support (TLS version) into account, which makes up 30% of the
SSL Labs rating.
---snip---
The corresponding Qualys reference is:
https://www.ssllabs.com/projects/rating-guide/
Bye,
Alexander.
--
http://www.Leidinger.net alexan...@leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netch...@freebsd.org : PGP 0x8F31830F9F2772BF
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
