[Operators] ECDSA certs score F

shmick at riseup.net shmick at riseup.net
Sat Jul 26 03:18:55 UTC 2014


hi,

i was testing an xmpp server and i believe its wrong to reduce the
score because of the cert which is reported < 1024 bits

i think the testing backend only assumes an RSA cert, is that right ?

the server i tested is using a cert in a pure ECC chain with ECDSA 384
and not a standard RSA cert

can you re-configure the xmpp tester to recognise ecdsa certs as not
being low quality and grading the score to F ?

see

https://xmpp.net/result.php?id=46868
https://xmpp.net/result.php?id=46871

the TLSA records didn't seem to be detected either

i dont know what's up with the s2s though




More information about the Operators mailing list