Nmap Development mailing list archives
[NSE] Script ssl-enum-ciphers should not penalize 3DES
From: nnposter <nnposter () users sourceforge net>
Date: Fri, 29 Jul 2016 11:10:23 -0600
As of now, script ssl-enum-ciphers is rating cipher suites based on 3DES (112-bit keys) the same as those using plain 56-bit DES. Given that 56-bit keys are considered easily within the reach of average adversaries while 3DES keys are deemed safe at the moment, I would like to propose that we change the rating to treat 3DES on par with 128-bit ciphers. This position is supported by SSL Labs, which does not flag presence of 3DES cipher suites, while rating "Cipher Strength" of such sites as "Green". More details at https://github.com/nmap/nmap/issues/474 Please voice any concerns with such a change. Cheers, nnposter _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Jul 29)
- RE: [NSE] Script ssl-enum-ciphers should not penalize 3DES Rob Nicholls (Jul 29)
- Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Aug 06)
- Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES Daniel Miller (Aug 24)
- Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Aug 24)
- Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Aug 06)
- RE: [NSE] Script ssl-enum-ciphers should not penalize 3DES Rob Nicholls (Jul 29)