× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. July 2013

Re: TLS 1.1 and 1.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

There was a problem discovered with TLS 1.0 called a Cypher Block
Chaining attack:

https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.0
http://en.wikipedia.org/wiki/BEAST_(computer_security)#BEAST_attack

It was already known for a while that there was a theoretical issue
with TLS 1.0, but at the end of 2011 a practical exploit was discovered.

You should consider upgrading if the data displayed in the site is an
important asset, e.g. customer records, medical records,...

If it's just a public web facing portal I wouldn't mind.

Yvan

On 31/07/13 14:51, Bradley Stone wrote:
I would contact IBM support and ask if you don't get a reply here.

I also wouldn't worry about it too much as most of these sites are
there so that you will call them and they will do work for you
because you failed their test. Sort of like all those SEO emails
we get these days telling us our site isn't showing up on the
searches like it "could".

But it is a legitimate question, just not something I'd be too
worried about.

Brad www.bvstools.com


On Tue, Jul 30, 2013 at 10:03 PM, Mike Cunningham
<mike.cunningham@xxxxxxx>wrote:

I ran our iSeries web server against this test service
https://www.ssllabs.com/ssltest/ and it gave a low rating because
the server does not support TLS 1.1 or 1.2. I can see posts where
Apache has updated mod_ssl to support 1.2 but I can't find any
reference to IBM updating mod_ssl for their implementation of
apache. I am running V7.1. Does anyone know if TLS 1.2 is
supported and how to turn it on if it is?


Mike Cunningham Pennsylvania College of Technology
www.pct.edu<http://www.pct.edu/>

-- This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To
subscribe, unsubscribe, or change list options, visit:
http://lists.midrange.com/mailman/listinfo/midrange-l or email:
MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
http://archive.midrange.com/midrange-l.



- --
|_|0|_| Yvan Janssens
|_|_|0| Observe. Hack. Meet. https://www.ohm2013.org
|0|0|0| ['2013-07-31','2013-08-04']
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
Comment: GPGTools - https://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJR+QmLAAoJEElyT3Tqk/McPs8IAI7G+nyKd7UqLdym2N1atSfC
DEqFbYrrnYFauM5W72ap/KzXW679g+pcLN0MMsph0ikithEFS7WjCwKSFPSdBxqr
J+Ubtbgb7blKHkQ45L3Rv8zYyVVdzfesfOX8IbaQmCNJyGjiimp1M8rDL5uKNcQg
3T9pJP3n+ZZXwO2Ct8fAzRpTooJpisbP0hfib37vwmrBtnz107cTkjP3YTv0BxJW
sCla6ioRwAregcbHgJDxPbuKaHw3pBa5VqErRr/DgSbHsPgb1VjThsQ8ElrWDkU7
Bp673OHGGeY9xBPtT3v3neBXvlGbvVWwbu4LqsV5XJm5FNXhr6bzj8j8sGxRnyE=
=PisY
-----END PGP SIGNATURE-----

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.