AnsweredAssumed Answered

Removing red highlighting for old browsers

Question asked by Barry Pollard on Jul 25, 2017
Latest reply on Jul 26, 2017 by Bhushan Lokhande

With the depreciation of old protocols (i.e. DH keys < 2048, 3DES) it is now expected to fail certain Handshake Simulations, including:

  • IE 6 / XP
  • IE 8 / XP
  • Java 6

Additionally TLSv1.0 is due to be switched off soon (e.g. to comply with PCI compliance mandate changes) which will make this problem worse. I already see this for those sites brave enough to switch of TLSv1.0 and TLSv1.1 (e.g. SSL Server Test: www.tfl.gov.uk (Powered by Qualys SSL Labs) ).

 

While I agree it is still useful for most (all?) of these Handshake Simulations to show in the testing tool, as they are (unfortunately!) still in reasonably popular use, I think the red colouring incorrect suggests a problem - rather than good config. Now it's probably not quite right to label these "green", but think you should consider changing them to a neutral black colour. At least for the 3 simulations I have suggested above, with perhaps the addition of the TLSv1.0-only clients at a future date.

 

Thoughts?

Outcomes