Am 25.05.2014 12:44, schrieb Reindl Harald: > Am 25.05.2014 12:38, schrieb Michael Meyer: >> *** Reindl Harald wrote: >> >>> and pretty sure also can't test modern ciphers >>> on target systems using whatever software with OpenSSL >> >> Pretty sure isn't the same as knowing. You are again wrong > > how are you doing that if your own library does not support > it? believe what the other side tells you without doing the > complete connection handshake?
and if doing so what are you doing with a webserver supporting *only* ECDHE for any connection - how do you scan the applications without write your own SSL library from scratch?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
