2015-08-21 11:17 GMT+02:00 Tobias Ellinghaus <houz@...173...>:
Hello,
I hope that someone feeling responsible for the Inkscape website is reading this. Would it be possible to change the SSL used by inkscape.org to offer something modern and maybe disable old and weak cyphers? I have disabled the broken ones in my browser and can't reach the website any more. See [0] for details.
Tobias
[0] https://www.ssllabs.com/ssltest/analyze.html?d=inkscape.org&hideResults=...
Hi Tobias Can you be a bit more specific? Which cipher suites have you disabled because they are broken?
The SSL Labs report you link to gives an A grade and only A+ is better (usually requires HSTS and extra features for top score). The report clearly state that suitable connections can be made with TLS 1.2, 1.1 and 1.0. Downgrade to SSLv3 is not possible which is also good.
Regards