[jdev] SSL/TLS versions

Kevin Smith kevin at kismith.co.uk
Fri Nov 15 08:55:40 UTC 2013


On Fri, Nov 15, 2013 at 2:33 AM, Peter Saint-Andre <stpeter at stpeter.im>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Matthew Wild has run some analytics on SSL/TLS versions negotiated
> over a period of time at the jabber.org XMPP service. The percentages
> were roughly as follows:
>
> TLS 1.0 72%
> TLS 1.2 21%
> TLS 1.1  4%
> SSLv3    3%
>
> Two points:
>
> 1. I'm disappointed that TLS 1.2 is still only ~20%. But that might be
> driven by operating systems, not XMPP clients.
>
> 2. I wonder if some XMPP clients still cannot do TLS and therefore use
> SSLv3 instead. Or is that too driven by operating systems?
>
> I'd have thought that for both of these it's either the OpenSSL from the
OS, the OS facility itself, or the OpenSSL that got bundled. It seems
unlikely that any XMPP clients are implementing their crypto layers
themselves.

/K
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20131115/70f2af02/attachment.html>


More information about the JDev mailing list