Firefox reinforces a bit the safety of the users. The browser will refuse indeed to connect to HTTPS websites be considered as weakly or poorly encrypted. In this case, the browser will now display the following error message : “ssl_error_weak_server_ephemeral_dh_key”.
in practical terms, Firefox will block sites connected to servers that do not have a key of at least 1023 bits for the asymmetric algorithm key exchange Diffie-Hellman (DH). Recall that a year ago, a group of researcher has discovered multiple vulnerabilities in the algorithm used in TLS. Close in the functioning of Freak, this vulnerability affects thousands of servers around the world.
If a fix has been deployed, “a small number of sites is still not configured to use the key strong enough,” says David Keller, a security engineer at Firefox, sites that will be blocked. They account for approximately 7,000 of the 140,000 the most frequented sites
key Figures : the world market for Internet browsers
No comments:
Post a Comment