Closed Bug 1133940 Opened 10 years ago Closed 10 years ago

ssl.safaribooksonline.com only supports TLS 1.0 and RC4

Categories

(Web Compatibility :: Desktop, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: keeler, Unassigned)

References

()

Details

https://www.ssllabs.com/ssltest/analyze.html?d=ssl.safaribooksonline.com Protocols TLS 1.2 No TLS 1.1 No TLS 1.0 Yes SSL 3 No SSL 2 No Cipher Suites (sorted by strength; the server has no preference) TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK 128 Also, it appears to support the insecure client-initiated renegotiation (i.e. MITM is possible).
No longer depends on: 1042380
No longer blocks: 1124039
I e-mailed Safari about this, and I got the following response from a member of their Technical Support: > Our engineers are currently preparing for the switch to supporting the AES-256 cipher and we hope > to have this ready sometime next month. Thank you for taking the time to let us know about this, > I was unaware of the planned deprecation of RC4 in Firefox 39 but fortunately we should be ahead > of that release. Sounds like a decent plan!
TLS 1.0 through TLS 1.2 and modern cipher suites are all supported now.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.