Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apache-2.4.37.1 + OpenSSL-1.1.1.2 + TLSv1.3 - Cipher Strength caps at 90% #664

Open
davidfavor opened this issue Nov 12, 2018 · 1 comment
Open

Apache-2.4.37.1 + OpenSSL-1.1.1.2 + TLSv1.3 - Cipher Strength caps at 90% #664

davidfavor opened this issue Nov 12, 2018 · 1 comment

Comments

@davidfavor
Copy link

If I set SSLCipherSuite TLSv1.3 I do see only TLSv1.3 ciphers supported with Chrome 70 as only client which connect, which seems correct.

What seems incorrect, is...

  1. Score caps at A+, rather than A++.

  2. Cipher Strength caps at 90%, rather than 100%.

Let me know if this is correct (A+ with max 90% Cipher Strength) or...

my config is broken...

or the SSL Labs tester is broken.

Thanks.
@ArchangeGabriel
Copy link

  1. I don’t think there is an A++ grade.
  2. If you have any 128 bit cipher, then that is expected. Whether that should be the case or not is discussed in TLS 1.3 Cipher Strength 90%? #636.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@davidfavor @ArchangeGabriel