This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Testing for SSL-TLS (OWASP-CM-001)

From OWASP
Revision as of 13:23, 2 December 2008 by KirstenS (talk | contribs) (Talk:Testing for SSL-TLS moved to Talk:Testing for SSL-TLS (OWASP-CM-001))

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Reference/Citation needed

We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".
Rick.mitchell 10:09, 3 September 2008 (EDT)

Testing with OpenSSL?

Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example:

openssl s_client -connect www.google.com:443 -cipher NULL
openssl s_client -connect www.google.com:443 -cipher LOW

Rick.mitchell 12:38, 3 September 2008 (EDT)