From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 814C4138A1F for ; Sat, 19 Apr 2014 19:43:44 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1CED7E0B11; Sat, 19 Apr 2014 19:43:39 +0000 (UTC) Received: from mail.rootservice.org (devgate.rootservice.org [144.76.199.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id DF2AFE09AD for ; Sat, 19 Apr 2014 19:43:37 +0000 (UTC) Received: from devnoip.rootservice.org (devnoip.rootservice.org [46.59.202.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.rootservice.org (Postfix) with ESMTPSA id 3gB4NQ15x3zdG3g for ; Sat, 19 Apr 2014 21:43:33 +0200 (CEST) Date: Sat, 19 Apr 2014 21:43:33 +0200 From: Joe User Organization: RootService Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: Heartbleed fix - question re: replacing self-signed certs with real ones References: <201404171649.57228.michaelkintzios@gmail.com> <201404182001.31265.michaelkintzios@gmail.com> <53518AB0.3040802@gmail.com> <201404190033.35662.michaelkintzios@gmail.com> <5352965E.4020708@gmail.com> <0E54F746-D111-4689-8156-786BFC3FA136@iki.fi> <5352CF8F.7050603@gmail.com> In-Reply-To: <5352CF8F.7050603@gmail.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <3gB4NM59vnz62Xv@devnoip.rootservice.org> X-Archives-Salt: d4105d54-96af-47f0-a2ba-72475758d23b X-Archives-Hash: 393e97cc326c533c43240346719727e3 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 19.04.2014 21:33, Dale wrote: > Matti Nykyri wrote: >> On Apr 19, 2014, at 18:29, Dale > > wrote: >> >>> Mick wrote: >>>> Encryption still works, at least for some attackers. The fact >>>> that burglars can pick locks >>> doesn't mean that you should leave your door unlocked. FWIW I >>> just checked my bank's website encryption ... they *still* use >>> RC4!!! O_O I guess they are keen to make sure all these >>> customers with WinXP and MSIE 7.0 can still login? For crying >>> out loud! It seems that RSA's days may be numbered and elliptic >>> curve cryptography would be the way forward, not because of >>> resource constrained mobile devices, but also because of recent >>> advances in crypto-analytics which may make RSA obsolete: >>> http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/ >>> >>> >>> >>> How does one find out what their bank uses? I'd like to check on >>> what mine uses. I have Seamonkey and Firefox installed here IF >>> it matters. >> >> Well you can use ssllabs.com . I use it for >> debuging. Here is what Bank of America uses: >> >> https://www.ssllabs.com/ssltest/analyze.html?d=www.bankofamerica.com&hideResults=on >> >> >> >> - -Matti > > I get this. > > https://www.ssllabs.com/ssltest/analyze.html?d=cadencebank.com&hideResults=on > > > > I don't know a lot about this encryption stuff but mine don't look > to good. :/ You got your test graded and mine seems to be bad > enough to not even deserve a grading. > > Dale > > :-) :-) > You have to use the https-URLs like this one: https://www.ssllabs.com/ssltest/analyze.html?d=secure1.cadencebanking.com&hideResults=on Very secure your banks customer-login ;) Time to move to a safer bank... - -- Kind Regards, Mit freundlichen GrĂ¼ssen, Markus Kohlmeyer Markus Kohlmeyer PGP: 0xEBDF5E55 / 2A22 1F71 AA70 1AD1 231B 0178 759F 407C EBDF 5E55 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTUtHkAAoJEHWfQHzr315VmSsQALxIc+McPiO66/eHX2SURyiP ruo56b2NnB/8h2PNM6u9yeqfqwQeMjuj3CmNM6NnM8R4S1CUBGNP14iubAvgKdWc JSjkWZZMO/zkdpJQPatWsFriKNRAWncybrc/cQ/h6b9SXsHu0PYtk3grFlKm7fSp k8bLWTJCTy3pKQW86g3rJ5vGjXP8n1BjF0GgQ5WJjBKJK8iUn8oGzG0M4He2Zi33 t1HONE1lpkpgUG1r7PycKCobQMypMbd/h5zXLrd6RwM5qP6tK/ZzNsFkGXoT3bWt icZCdlH2vmWUlFMB0fdGORyu0u0qhQ5VVL4PS+rd//aq8WhAobGoTomRU+woSBQY xuzqmm1ssxrqiPeHCbXvTOnl6EPAWIcCj9YloonPLB9SpNizXufqD5exVJWme/2H BZYMmfRK2kkIhvEnxb2js7COQtyVcajQ8paQfaYMmKjk/HtdZwfvYy4OV9TLXI7g zfPKo9vnXPnmg2DvVFnhRZC+KTlqyMC8fZ3TI6uPOWhaQIspx6gN0FpA8gEzD1mt 6Z38C7IdJrv72B3hDoXrZnIA6kmCEVQgky3G5Um1h+qNT19Xb2UuJPnYJoG9Q7KP idvxPaZBlXUvUePB2CZu2o1plS4m6Nyoglv6HCCdRB9tbonx5NOas6LefiZCpHkk ceNA84TmDiuVdt32nRZY =mc4j -----END PGP SIGNATURE-----