Seems we had the protocols listed explicitly (to disable SSL2) and TLS1.1/1.2 weren't available in the past when we were using Ubuntu 10.04. We've been on 12.04 for a while, but the protocol list wasn't updated. I'm pushing an updated config now. Thanks for letting us know!
On Mon, Jul 29, 2013 at 11:43 AM, Greg Grossmeier greg@wikimedia.orgwrote:
Hi 0x0000,
<quote name="0x0000" date="2013-07-28" time="23:35:19 +0200"> > hi, > recently i tested several sites who are using https, most of them > communicate with my chromium-webbrowser over TLS 1.1, but > wikipedia/wikimedia still is using TLS 1.0. > ssllabs (see link below) shows a warning notice that you should > upgrade to the newer version, i dont think there is a urgent > security reason for this but even if its only preventive upgarding > wouldn't be wrong, right? > > example: > https://encrypted.google.com/ TLS 1.1 > https://mega.co.nz/ TLS 1.1 > https://www.ixquick.com/ TLS 1.1 > https://btc-e.com/ TLS 1.1 > https://www.wsws.org/ TLS 1.1 > https://linksunten.indymedia.org/ TLS 1.1 > https://en.wikipedia.org TLS 1.0 > https://commons.wikimedia.org/ TLS 1.0 > https://www.taz.de/ TLS 1.0 > https://duckduckgo.com/ TLS 1.0 > > > https://www.ssllabs.com/ssltest/analyze.html?d=https://en.wikipedia.org > > > hopefully at the right mailinglist, greetings 0x0000@anche.no
In this reply I just included wikitech-l@lists.wikimedia.org, which is probably a better place than the Wikidata specific mailing list.
Best,
Greg
-- | Greg Grossmeier GPG: B2FA 27B1 F7EB D327 6B8E | | identi.ca: @greg A18D 1138 8E47 FAC8 1C7D |
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l