Seems we had the protocols listed explicitly (to disable SSL2) and
TLS1.1/1.2 weren't available in the past when we were using Ubuntu 10.04.
We've been on 12.04 for a while, but the protocol list wasn't updated. I'm
pushing an updated config now. Thanks for letting us know!
On Mon, Jul 29, 2013 at 11:43 AM, Greg Grossmeier <greg(a)wikimedia.org>wrote;wrote:
Hi 0x0000,
<quote name="0x0000" date="2013-07-28" time="23:35:19
+0200">
hi,
recently i tested several sites who are using https, most of them
communicate with my chromium-webbrowser over TLS 1.1, but
wikipedia/wikimedia still is using TLS 1.0.
ssllabs (see link below) shows a warning notice that you should
upgrade to the newer version, i dont think there is a urgent
security reason for this but even if its only preventive upgarding
wouldn't be wrong, right?
example:
https://encrypted.google.com/ TLS 1.1
https://mega.co.nz/ TLS 1.1
https://www.ixquick.com/ TLS 1.1
https://btc-e.com/ TLS 1.1
https://www.wsws.org/ TLS 1.1
https://linksunten.indymedia.org/ TLS 1.1
https://en.wikipedia.org TLS 1.0
https://commons.wikimedia.org/ TLS 1.0
https://www.taz.de/ TLS 1.0
https://duckduckgo.com/ TLS 1.0
https://www.ssllabs.com/ssltest/analyze.html?d=https://en.wikipedia.org
hopefully at the right mailinglist, greetings 0x0000(a)anche.no
In this reply I just included wikitech-l(a)lists.wikimedia.org, which is
probably a better place than the Wikidata specific mailing list.
Best,
Greg
--
| Greg Grossmeier GPG: B2FA 27B1 F7EB D327 6B8E |
| identi.ca: @greg A18D 1138 8E47 FAC8 1C7D |
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l