On 2014-01-27 17:22, cl...@jhcloos.com wrote:
In case anyone is keeping a list, while helping a relative I determined
that timewarnercable.com's login server (wayfarer.timewarnercable.com)
will not work with tls 1.1 or 1.2. The connection fails after the client
right after the client hello.
A small number of sites have bad security settings. Here's some stats.
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 85447 18.9264
SSL2 Only 38 0.0084
SSL3 449864 99.6443
SSL3 Only 4443 0.9841
TLS1 446575 98.9158
TLS1 Only 736 0.163
TLS1.1 145266 32.1762
TLS1.1 Only 1 0.0002
TLS1.2 149921 33.2073
TLS1.2 Only 5 0.0011
TLS1.2 but not 1.1 11888 2.6332
I had to set security.tls.version.max to 1 to get ff (26) or sm (2.23)
to get her (relevant) profile to log in to their site.
Are you saying that the default settings were failing entirely, and you had
to force tls1 for this site?
[Side note: +\inf on the concecpt of profiles; one of Gecko's most
important features!]
-JimC
--
James Cloos <cl...@jhcloos.com> OpenPGP: 1024D/ED7DAEA6
- Julien
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
