Main OpenBSD site security encryption error: ssl_error_protocol_version_alert

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Main OpenBSD site security encryption error: ssl_error_protocol_version_alert

Danchev, Lambri
Dear OpenBSD Team,

Recently I red article describing security and releability of OpenBSD.
I had made attempt to visit your web site https://www.openbsd.org/, but couldn't open even the front page as per next error:

ssl_error_protocol_version_alert

Which tells me that something in your security certificates is not OK.
Please, find next screenshots from FireFox and Internet Explorer browsers.
Both browsers reported one and the same issue - your website could not be opened using secure "https" protocol.

[cid:image001.png@01D28846.5E9F9290]

[cid:image002.png@01D28846.5E9F9290]







Best regards,

Lambri Danchev
AT&T Global Network Operations
Enhanced Services Technology Operations (ESTO)
Palachovo nam. 726/2 -- 1st Floor
Brno 62500, Czech Republic
(US) +1-816-569-7696   (CZ) +420-5187-23169    Q-me<qto://talk/ld2092>
___________________________________________________________________________
*This email and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual(s) or entities to which this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please do not forward or distribute it to anyone else, but telephone (816) 569-7696 to report the error and delete this message from your system. Any other uses, retention, dissemination, forwarding, printing, or copying of this email are strictly prohibited.


image001.png (64K) Download Attachment
image002.png (91K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Main OpenBSD site security encryption error: ssl_error_protocol_version_alert

Martijn van Duren-8
Works fine for me.
See https://www.ssllabs.com/ssltest/analyze.html?d=www.openbsd.org

Time to update your system.

On 02/16/17 11:18, Danchev, Lambri wrote:

> Dear OpenBSD Team,
>
> Recently I red article describing security and releability of OpenBSD.
> I had made attempt to visit your web site https://www.openbsd.org/, but couldn't open even the front page as per next error:
>
> ssl_error_protocol_version_alert
>
> Which tells me that something in your security certificates is not OK.
> Please, find next screenshots from FireFox and Internet Explorer browsers.
> Both browsers reported one and the same issue - your website could not be opened using secure "https" protocol.
>
> [cid:image001.png@01D28846.5E9F9290]
>
> [cid:image002.png@01D28846.5E9F9290]
>
>
>
>
>
>
>
> Best regards,
>
> Lambri Danchev
> AT&T Global Network Operations
> Enhanced Services Technology Operations (ESTO)
> Palachovo nam. 726/2 -- 1st Floor
> Brno 62500, Czech Republic
> (US) +1-816-569-7696   (CZ) +420-5187-23169    Q-me<qto://talk/ld2092>
> ___________________________________________________________________________
> *This email and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual(s) or entities to which this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please do not forward or distribute it to anyone else, but telephone (816) 569-7696 to report the error and delete this message from your system. Any other uses, retention, dissemination, forwarding, printing, or copying of this email are strictly prohibited.
>
>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Main OpenBSD site security encryption error: ssl_error_protocol_version_alert

Stuart Henderson-6
In reply to this post by Danchev, Lambri
On 2017/02/16 10:18, Danchev, Lambri wrote:

> Dear OpenBSD Team,
>
> Recently I red article describing security and releability of OpenBSD.
> I had made attempt to visit your web site https://www.openbsd.org/, but couldn't open even the front page as per next error:
>
> ssl_error_protocol_version_alert
>
> Which tells me that something in your security certificates is not OK.
> Please, find next screenshots from FireFox and Internet Explorer browsers.
> Both browsers reported one and the same issue - your website could not be opened using secure "https" protocol.

I suspect you may have a corporate proxy or "security" device that is
doing a man-in-the-middle of your SSL connections, and is unable to cope
with modern security (https://www.openbsd.org *only* offers TLSv1.2, no
earlier version).

Please check some other website and verify the certificate issuer (e.g.
the certificate for https://www.letsencrypt.org/ should be issued by
IdenTrust's TrustID Server CA A52). If this is showing some other signing
CA then this is almost certainly the cause.

A recent review of security of this type of device shows many that only
support TLSv1.0. The original paper https://jhalderm.com/pub/papers/interception-ndss17.pdf
is currently offline (404) but google has a cached copy.

https://webcache.googleusercontent.com/search?q=cache:Igg-o2pcwyYJ:https://jhalderm.com/pub/papers/interception-ndss17.pdf+&cd=3&hl=en&ct=clnk&gl=uk&client=firefox-b

Loading...