View Issue Details

IDProjectCategoryView StatusLast Update
0001347Main CAcert Websitemiscpublic2015-01-25 20:03
ReporterMathias Assigned Tojandd  
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version2014 Q4 
Target Version2014 Q4 
Summary0001347: list.cacert.org SSL/TLS configuration rated grade F on SSL Labs
DescriptionHi!

SSL/TLS issues on lists.cacert.org:
- SSLv3 enabled (POODLE)
- anonymous cipher suites enabled
- no forward secrecy with reference browser provided

For short: very, very bad :-(

Please see
https://lists.cacert.org/wws/arc/cacert-sysadm/2014-12/msg00000.html

Thanks for looking into this issue.

Mathias
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

child of 0001241 solved?jandd cacert.org SSL/TLS configuration is bad on many levels 

Activities

Mathias

2014-12-14 11:57

reporter  

jandd

2014-12-27 10:06

administrator   ~0005204

started work

jandd

2014-12-27 10:39

administrator   ~0005205

fixed, gets a grade A with ssllabs tests

Mathias

2015-01-25 20:03

reporter   ~0005272

Closed, thanks.

Issue History

Date Modified Username Field Change
2014-12-14 11:57 Mathias New Issue
2014-12-14 11:57 Mathias File Added: SSL_Labs-lists.cacert.org-grade_F-20141214.pdf
2014-12-14 11:58 Mathias Relationship added child of 0001241
2014-12-23 20:20 BenBE Assigned To => jandd
2014-12-23 20:20 BenBE Status new => needs work
2014-12-23 20:20 BenBE Product Version => 2014 Q4
2014-12-23 20:20 BenBE Target Version => 2014 Q4
2014-12-27 10:06 jandd Note Added: 0005204
2014-12-27 10:06 jandd Status needs work => confirmed
2014-12-27 10:39 jandd Note Added: 0005205
2014-12-27 10:39 jandd Status confirmed => solved?
2014-12-27 10:39 jandd Resolution open => fixed
2015-01-25 20:03 Mathias Note Added: 0005272
2015-01-25 20:03 Mathias Status solved? => closed