Access to www.gnupg.org only via TLS
Werner Koch
wk at gnupg.org
Wed Apr 30 14:21:15 CEST 2014
On Wed, 30 Apr 2014 10:25, gollo at fsfe.org said:
> the SSLLabs test shows two small issues when testing gnupg.org [2], one
> of which is the too short time sent in the HSTS header.
Ooops, copy and paste error: I missed the last 0 of max-age=31536000.
Also fixed in the Boa source code examples.
The missing forward secrecy is mainly an issue with IE which gives
non-FS algorithm suites a higher preference; but for older IEs a non-FS
algorithm is required. We don't have any user data at this site so the
missing forward secrecy for anyway bugged Microsoft browsers should not
be an issue.
Salam-Shalom,
Werner
p.s
I understand why Microsoft makes it hard to use FS - that abbreviation
is also used for free software ;-)
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list