Bitcoin Forum
May 06, 2024, 07:10:41 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Electrum > Fix website TLS
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Fix website TLS  (Read 455 times)
moni3z (OP)
Hero Member
*****
Offline Offline

Activity: 899
Merit: 1002



View Profile
January 26, 2014, 12:14:19 AM
 #1
Whenever you get a chance would be great if you could fix your TLS to prevent the CRIME attack by disabling TLS compression, and disable Client-Initiated Renegotiation which is insecure and can lead to somebody DoS attacking the site. Should also blacklist junk cipher suites with DES like TLS_RSA_WITH_DES_CBC_SHA and TLS_DHE_RSA_WITH_DES_CBC_SHA they are completely useless shouldn't be supported.

Even though most browsers disable TLS compression might as well not run it anyways server side.
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Electrum > Fix website TLS
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!