[Operators] ECDSA certs score F
dave at cridland.net
Wed Aug 6 08:14:04 UTC 2014
Without an RSA cert at all, can a remote server with only RSA negotiate TLS?
On 5 August 2014 19:30, shmick at riseup.net <shmick at riseup.net> wrote:
> shmick at riseup.net wrote:
> > hi,
> > i was testing an xmpp server and i believe its wrong to reduce the
> > score because of the cert which is reported < 1024 bits
> > i think the testing backend only assumes an RSA cert, is that right ?
> > the server i tested is using a cert in a pure ECC chain with ECDSA 384
> > and not a standard RSA cert
> > can you re-configure the xmpp tester to recognise ecdsa certs as not
> > being low quality and grading the score to F ?
> > see
> > https://xmpp.net/result.php?id=46868
> > https://xmpp.net/result.php?id=46871
> > the TLSA records didn't seem to be detected either
> > i dont know what's up with the s2s though
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Operators