aeris / cryptcheck

Verify some SSL/TLS website or XMPP implementation
GNU Affero General Public License v3.0

On https://tls.imirhil.fr/ , what does "Fatal":"DES3" mean? #28

Closed tobireif closed 6 years ago

tobireif commented 7 years ago

On https://tls.imirhil.fr/ , what does "Fatal":"DES3" mean?

For example, this page https://tls.imirhil.fr/https/tobireif.com currently has "Fatal":"DES3" . It is hosted by 1und1 via shared hosting. What should I (or the hosting company) do?

ArchangeGabriel commented 7 years ago

This means that your server supports the 3DES cipher for SSL/TLS communications, which has at least one known security flaw (SWEET32) and is more generally weak. So cryptcheck, just like ssllabs and potentially htbridge (two other SSL/TLS checkers), degrades your rating because of this.

What you need to do is disable this cipher, but since you probably have no control over that, you will have to ask your hosting service. But note that they might not do it, because if I remember well this is the best cipher supported by Windows XP, and even if it's bad they probably still have visitors from this OS, if not for your website then for others they host, since they probably can't change it just for one website.

aeris commented 7 years ago

Compatibility for Windows XP is highly difficult to achieve in practice.

Without SP3, XP doesn't support SNI, so there is no way to get good behavior even with 3DES: you will get the wrong certificate (nginx & apache) and possibly the wrong content behind the TLS handshake (apache only). Even with SP3, XP supports no more than TLSv1.0 and doesn't support ECDHE, so again, compatibility is difficult. And even with 3DES, JS & CSS support is just crappy and in practice the content will be very ugly or unusable.

The best is to help users migrate to a decent browser or OS and keep a safe TLS configuration server side. Compatibility is very good for TLSv1.2 and ECDHE+AES (only old Android (4.4-) doesn't support this config, but a patch exists application side to enable TLSv1.2 support).

Keep in mind that as soon as a weak cipher is enabled server side, an attacker can ALWAYS force the user to use it even if a better cipher is supported, with a downgrade attack that has only simple hardware requirements. This is why you don't want weak ciphers for compatibility: you put ALL your users at risk to keep your unsafe/obsolete users.

ArchangeGabriel commented 7 years ago

Just to be clear, I totally agree with you on all this @aeris, I'm just saying that 1&1 might not see it that way…

ArchangeGabriel commented 7 years ago

Oh, just some more comments… If the user does not support 3DES, there is no possible downgrade to it, right @aeris?

Also, it seems there has been an upgrade on your server @tobireif, because now it does not report 3DES anymore: https://dev.ssllabs.com/ssltest/analyze.html?d=tobireif.com&s=217.160.0.98&hideResults=on https://tls.imirhil.fr/https/tobireif.com https://www.htbridge.com/ssl/?id=fffb2938b4e4c286bce4e97ee6ef89202f0594ca5a4c99cb77a8eab914ad89af

So I guess you’ve had access to that in the end and figured it out?

aeris commented 7 years ago

Oh, just some more comments… If the user does not support 3DES, there is no possible downgrade to it, right @aeris?

Yep. The only case I know of where a downgrade is possible without explicit support on the client side is DHE export. See this video around 25 min. This is why I don't recommend enabling DHE and prefer ECDHE. DHE is also much slower and not dumb-user-proof (you need to generate good DH params, see the same video).
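Added example (editor's, not part of the thread and not cryptcheck's own code): the advice above boils down to two things, drop 3DES (SWEET32) and the DHE/export families, and keep TLSv1.2 with ECDHE+AES. The script below builds a Python `ssl` context that encodes exactly that policy and then checks, by cipher-suite name, which suites in a list should be flagged. The `SERVER_OFFER` list is a constructed sample of what a shared host might offer, and the flagging rules in `weakness()` are this example's own heuristics, not cryptcheck's or ssllabs' grading logic.

```python
"""Added example (not cryptcheck's code): flag weak TLS cipher suites by
OpenSSL name and build a client context that excludes them.

Assumptions: OpenSSL suite names (as printed by `openssl ciphers`);
the flagging rules below are this example's own heuristics, not any
scanner's grading logic; SERVER_OFFER is a constructed sample list."""
import re
import ssl

# Constructed sample: suites a shared host might still offer (not a real scan).
SERVER_OFFER = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-SHA",          # finite-field DHE: depends on DH params
    "DES-CBC3-SHA",                # 3DES: what cryptcheck reports as "Fatal":"DES3"
    "ECDHE-RSA-DES-CBC3-SHA",      # ECDHE does not rescue a 64-bit block cipher
    "EXP-EDH-RSA-DES-CBC-SHA",     # export-grade DHE, the downgrade case aeris mentions
    "AES128-SHA",                  # RSA key exchange: no forward secrecy
]


def weakness(name):
    """Return a short reason why the suite is flagged, or None if it passes."""
    parts = name.split("-")
    if "EXP" in parts:
        return "export-grade (downgradable, Logjam/FREAK class)"
    if "3DES" in name or "DES-CBC3" in name or re.search(r"(^|-)DES-", name):
        return "3DES/DES (64-bit block, SWEET32)"
    if name.startswith(("DHE-", "EDH-")):
        return "finite-field DHE (slow, only as good as the DH params)"
    # TLS 1.3 suites are spelled TLS_..., everything else must be ECDHE.
    if not name.startswith(("ECDHE-", "TLS_")):
        return "no forward secrecy"
    return None


def flag_weak(names):
    """List of (suite, reason) for every suite in `names` that is flagged."""
    return [(n, weakness(n)) for n in names if weakness(n)]


def hardened_client_context():
    """A client context mirroring the recommended policy: TLS 1.2+, ECDHE only,
    AES-GCM or ChaCha20, no DHE, no 3DES."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!DHE:!3DES:!aNULL:!eNULL")
    return ctx


def context_cipher_names(ctx):
    """Suite names the context would actually offer, as the local OpenSSL spells them."""
    return [c["name"] for c in ctx.get_ciphers()]


if __name__ == "__main__":
    print("Sample server offer:")
    for suite, reason in flag_weak(SERVER_OFFER):
        print(f"  FLAG {suite}: {reason}")
    offered = context_cipher_names(hardened_client_context())
    print("Hardened context offers", len(offered), "suites; flagged:",
          flag_weak(offered))
```

Running it prints the five flagged suites from the sample and shows that the hardened context offers nothing `weakness()` objects to. To audit a live host you would feed `flag_weak()` the names from an actual scan (for example the `openssl ciphers -v` output of the server's configured list); the example deliberately stays offline.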

tobireif commented 7 years ago

Thanks all for the replies!

I haven't changed anything, but now https://tls.imirhil.fr/https/tobireif.com doesn't report any fatal issues anymore.

And https://www.ssllabs.com/ssltest/analyze.html?d=tobireif.com&latest reports "A+".

It seems it's all OK now 😀