On Fri, Nov 15, 2013 at 2:33 AM, Peter Saint-Andre <[email protected]>wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Matthew Wild has run some analytics on SSL/TLS versions negotiated > over a period of time at the jabber.org XMPP service. The percentages > were roughly as follows: > > TLS 1.0 72% > TLS 1.2 21% > TLS 1.1 4% > SSLv3 3% > > Two points: > > 1. I'm disappointed that TLS 1.2 is still only ~20%. But that might be > driven by operating systems, not XMPP clients. > > 2. I wonder if some XMPP clients still cannot do TLS and therefore use > SSLv3 instead. Or is that too driven by operating systems? > > I'd have thought that for both of these it's either the OpenSSL from the OS, the OS facility itself, or the OpenSSL that got bundled. It seems unlikely that any XMPP clients are implementing their crypto layers themselves. /K
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
