More info on BEAST and a recent Microsoft security update that was pushed out for it:
http://technet.microsoft.com/en-us/security/bulletin/ms12-006 http://www.securitynewsdaily.com/1077-beast-hack.html My bet is that the update is what caused it to break. On Thu, Feb 16, 2012 at 9:01 AM, Joe Bogner <joebog...@gmail.com> wrote: > You can see some interesting analysis on the certificate here: > https://www.ssllabs.com/ssldb/analyze.html?d=https://app.7fach.de > > It mentions being vulnerable to BEAST and offers this link > https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls > . > I haven't read through it. > > Have you tried using a signed certificate and/or adding the root cert to > the trusted list? However, it looks like the BEAST issue is regardless of > the cert. I suspect that's the cause. > > I can't connect with IE8 or Chrome on Windows so it might be that some > windows update came along and updated my underlying SSL stack. I can't > confirm though whether it worked previously. > > On Thu, Feb 16, 2012 at 8:46 AM, Alexander Burger <a...@software-lab.de>wrote: > >> Hi Thorsten, >> >> > http://code.google.com/p/chromium/issues/detail?id=98101#c31 >> > >> > Comment 8 by a...@chromium.org, Oct 12, 2011 >> > >> ,------------------------------------------------------------------------ >> > |Yes, requests will be in multiple records from now on. See >> >> I have no idea what "multiple records" mean in this context >> >> > |http://www.imperialviolet.org/2011/09/23/chromeandbeast.html Firefox >> >> So we are back to the BEAST issue (also mentioned by Randall in this >> thread a few days ago). >> >> Clueless, >> - Alex >> -- >> UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe >> > >
