Nmap Development mailing list archives
Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 17 Jul 2012 14:30:22 -0500
On Tue, Jul 17, 2012 at 11:39 AM, David Fifield <david () bamsoftware com> wrote:
This looks fine to me, except for the change from weak/strong to A–F. If we're going to do that, let's discuss it and do ti as a separate patch. It needs new @output too. Please regenerate it with your Perl script; assign anything "A" to "strong" and everything else "weak". I'm curious to know if anything we had previously classified as "strong" is weak according to the SSL ratings. David Fifield
I will do that. I'd like to keep a category for ciphers that do not encrypt or that do not authenticate. I'm calling it "broken" for now, but I'm open to suggestions. For clarification, here are the number of ciphers with each score currently: 3 unknown strength 263 A (strong) 21 D (weak) 13 E (weak) 59 F (broken) All of the previous "strong" ciphers get an "A" rating. If anyone can help me classify (find encryption key length of) the 3 unknown-strength ciphers I would greatly appreciate it: SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA TLS_GOSTR341094_WITH_28147_CNT_IMIT TLS_GOSTR341001_WITH_28147_CNT_IMIT Updated patch attached. Dan
Attachment:
ssl-ciphers.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 16)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Patrik Karlsson (Jul 16)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers David Fifield (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers David Fifield (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 18)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Patrik Karlsson (Jul 16)