[cfe-dev] "Bugzilla – Suspicious Action" when trying to register on bugzilla
Joerg Sonnenberger via cfe-dev
cfe-dev at lists.llvm.org
Wed May 18 05:46:52 PDT 2016
On Wed, May 18, 2016 at 12:52:05PM +0100, Renato Golin via cfe-dev wrote:
> On 18 May 2016 at 12:24, Noam Lewis via cfe-dev <cfe-dev at lists.llvm.org> wrote:
> > By the way, also, the browser warns about the SSL connection using a weak,
> > untrusted cipher.
>
> It should be ok to ignore this, unless you're submitting private
> details to Bugzilla, which you really should not. :)
>
> But that does raise the question: couldn't we use Let's Encrypt's certificates?
>
> https://letsencrypt.org/
>
> Seems like a no brainer for all our websites.
Cipher choice has no relation to the CA used. It is more likely that for
whatever reason, only a list of very weak ciphers is provided. In my
case, TLS 1.2 with AES in CBC mode is used, which is a decent choice.
Joerg
More information about the cfe-dev
mailing list