Title: Electrum related questions (SSL and PGP) Post by: Cryptowatch.com on May 09, 2015, 11:06:24 PM Downloading electrum source and signature from https://electrum.org/#download:
https://download.electrum.org/Electrum-2.1.1.tar.gz https://download.electrum.org/Electrum-2.1.1.tar.gz.asc Checking site with ssllabs: https://www.ssllabs.com/ssltest/analyze.html?d=electrum.org The site scores 80/100 on Key Exchange. Is the below 'WEAK' entries antyhing at all to be concerned about? Code: Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites always at the end) The only handshake simulation which had a match was: Code: OpenSSL 0.9.8y TLS 1.0 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) FS 256 But that's an old OpenSSL version. Further, I found ThomasV's pubkey here: https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc http://pgp.surfnet.nl:11371/pks/lookup?op=get&search=0x2BD5824B7F9470E6 But as you can see, those are different, why? |