Closed emdee-is closed 1 year ago
There might be a confusion about what the tls field is for. I hope this change made it more clear? https://github.com/nusenu/ContactInfo-Information-Sharing-Specification/commit/a1b181ce7e86a125d823c0ac60eac98233812157
You have an SSL field for the SSL library which is of limited usefulness without the versions of the libraries: openssl you would want to know the versions of openssl.
More important is to know what versions of SSL/TLS the server speaks. Python code will not connect to SSLv* servers, and I don't think even TLSv1. The TLS field should be one of: TLSv1.1 TLSv1.2 or TLSv1.3 (currently).
We really need to get servers upgraded to TLSv1.3 as anything <= TLSv1.2 is suffering downgrade attacks in the wild over Tor.