Necko:SSL v2 Sites: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
(strike some sites) |
||
| Line 9: | Line 9: | ||
* Washington State DMV https://wws2.wa.gov/dol/vsagents/ | * Washington State DMV https://wws2.wa.gov/dol/vsagents/ | ||
* British Cattle Movement Service https://www.bcms.gov.uk/bcms/wctd0001.htm | * British Cattle Movement Service https://www.bcms.gov.uk/bcms/wctd0001.htm | ||
* It looks that the "inloggen" link here was forgotten https://www.rabobank.nl | * <strike>It looks that the "inloggen" link here was forgotten https://www.rabobank.nl</strike> | ||
* Canon Europe https://my.canon-europe.com/ | * <strike>Canon Europe https://my.canon-europe.com/user/register.html</strike> | ||
Not SSL v2 but low security ciphers (other places to discuss these?): | Not SSL v2 but low security ciphers (other places to discuss these?): | ||
* [http://www.comcastsupport.com/sdcxuser/lachat/user/userchatstart.asp http://www.comcastsupport.com/sdcxuser/lachat/user/userchatstart.asp] | * <strike>[http://www.comcastsupport.com/sdcxuser/lachat/user/userchatstart.asp http://www.comcastsupport.com/sdcxuser/lachat/user/userchatstart.asp] | ||
** I have disabled SSL v2, all SSL v2 ciphers, everything with less than 128 bits, MD5 and this is the only site in over a year that I have seen that does not work. | ** I have disabled SSL v2, all SSL v2 ciphers, everything with less than 128 bits, MD5 and this is the only site in over a year that I have seen that does not work. | ||
** Now uses 128 bit.</strike> | |||
Other useful links: | Other useful links: | ||
Revision as of 18:33, 22 February 2006
This is a list of websites known to only support SSL v2 - that is, if you turn it off, you get an error message saying that you can't access the site, or any attempt to connect to the site causes a long hang. In order for a site to be added to this list, it should be quickly accessible with SSL v2 enabled, but you should get an error message or a hang with SSL v2 disabled.
We may later attempt to contact and evangelise these sites, but at the moment this is merely a recording exercise.
- https://register.btinternet.com/
https://mail.yourdomain.tld/ Network Solutions Webmail Direct (secure login)- The domain managementsite works fine with SSL 2.0 disabled.
Webmail Direct requirementsindicate that SSL v2 is required for a "secure" connection. Users may choose to disable SSL v2 and login via cleartext.NSI upgraded and fixed 09/24/05.
- Washington State DMV https://wws2.wa.gov/dol/vsagents/
- British Cattle Movement Service https://www.bcms.gov.uk/bcms/wctd0001.htm
It looks that the "inloggen" link here was forgotten https://www.rabobank.nlCanon Europe https://my.canon-europe.com/user/register.html
Not SSL v2 but low security ciphers (other places to discuss these?):
http://www.comcastsupport.com/sdcxuser/lachat/user/userchatstart.asp- I have disabled SSL v2, all SSL v2 ciphers, everything with less than 128 bits, MD5 and this is the only site in over a year that I have seen that does not work.
Now uses 128 bit.
Other useful links:
- Gerv's original blog post
- Opera forum post
- Netcraft may have SSL v2 server prevalence info
- SecuritySpace has another survey, although I don't think they have figures for SSL v2 only.
- IE7 will have SSL v2 disabled by default (and stricter UI for certificate errors).