SSL Labs Grade Change for TLS 1.0 and TLS 1.1 Protocols | Qualys Security Blog
blog.qualys.com
Update 1/31/2020: The grade change is now live on www.ssllabs.com. Servers that support TLS 1.0 or TLS 1.1 are capped to B grade. Update 1/16/2020: The grade change is now live on the development…
  • @bielaMAEnglish
    411 months ago

    I’ll take a look at our configs tomorrow 👍

    • @sugar_in_your_teaEnglish
      010 months ago

      Were we outdated? I see we’re using TLS 1.3 right now, and at least the certificate was last created/renewed before this post (created July 16, post on Aug 6). I know that’s not really a metric, but my browser at least has the minimum TLS version set to 3, so I would absolutely have noticed if SJW used anything older.

      I guess it’s possible we allowed older TLS versions, but at least the version I’m connecting with is completely fine.

    • @pastermilEnglish
      411 months ago

      Should still be good for now

      • @xaera
        OPEnglish
        211 months ago

        Not really, here’s why:

        • weak ciphers
        • SCSV (protocol fallback)

        That’s why I didn’t go for that thankless job.