smaug

ENHANCEMENT REQUEST -- DROWN -- Please replace orange text with grey text

Discussion created by smaug on Oct 22, 2016

When the DROWN check fails, due to no fault of the server operating running a secure website and because the Censys data is not always accurate or up to date, then you should mark the text as grey, not orange. Orange implies something is wrong with the server, but that is not the case at all. The server is very secure and the test is simply failing on the Qualys side because SSLv2 is disabled completely on the test server and there are no mail services either. Please fix this. Again, make the text grey, especially in cases where you are more than likely to be wrong, especially when you are surely wrong (eg. SSLv2 is not even enabled).

 

DROWN (experimental) Check failed
(1) For a better understanding of this test, please read this longer explanation
(2) Key usage data kindly provided by the Censys network search engine; original DROWN test here
(3) Censys data is only indicative of possible key and certificate reuse; possibly out-of-date and not complete
ERROR: Connection refused
ERROR: Connection refused

 

Looking for your thoughts ivanr

Outcomes