How Cygwin counters man-in-the-middle (MITM) attacks
Corinna Vinschen
corinna-cygwin@cygwin.com
Mon Mar 9 13:43:00 GMT 2015
On Mar 8 20:44, Achim Gratz wrote:
> David A. Wheeler writes:
> > I checked Cygwin.com's SSL/TLS implementation using Qualsys
> > ( https://www.ssllabs.com/ssltest/ ). Cygwin.com got an overall rating
> > of "B" (capped because it permits the RC4 cipher).
Isn't that rather due to the IDEA cypher:
> | Not valid after: 2016-05-20T11:00:00+00:00
> | MD5: d888 b3ed 9f0f f8d1 5b57 fdd7 5122 bb53
> |_SHA-1: 349e 7f24 e249 2256 af2d 15a9 2883 ce84 4a40 a88f
> | ssl-enum-ciphers:
> | SSLv3: No supported ciphers found
> | TLSv1.0:
> | ciphers:
> | TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
> | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
> | TLS_DHE_RSA_WITH_SEED_CBC_SHA - strong
> | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
> | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong
> | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
> | TLS_RSA_WITH_AES_256_CBC_SHA - strong
> | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
> | TLS_RSA_WITH_IDEA_CBC_SHA - weak
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Also, again, Cygwin is just one project on sourceware.org. It would be
nice if concerns like this would be addresses to the overseers mailing
list.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20150309/1440c017/attachment.sig>
More information about the Cygwin
mailing list