Open patrakov opened 5 years ago
@patrakov Could you please share more details about IPXE and why adding its simulation to SSL Labs would be helpful
We will also look at whether it is needed by other users
It supports HTTPS when downloading kernels and other boot images, and it is a strange client with a limited set of supported ciphersuites.
Why it would be helpful - don't know.
Well, right now installation of FreeBSD via netboot.xyz is broken, because of zero overlap of supported ciphers between the https server on mfsbsd.vx.sk and IPXE, but with a confusing "permission denied" error. And in the future "test the distribution mirror on ssl labs" would be a simple-enough instruction for troubleshooting this class of problems.
Please add IPXE to the list of clients whose handshakes are simulated. Attached is a zipped (because of GitHub file extension filter) PCAP of the Client Hello message sent by this client. ipxe-client-hello.pcap.zip