mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-12-25 12:13:41 +01:00
tweak phrasing for analyze.py report
for intermediate and modern, we expect the server to support exact set of curves, reflect that in the error message
This commit is contained in:
parent
b0548dff8e
commit
981ac390d6
@ -217,7 +217,7 @@ def is_intermediate(results):
|
||||
failures[lvl].append("use a certificate signed with %s" % " or ".join(inter["certificate_signatures"]))
|
||||
isinter = False
|
||||
if not has_pfs:
|
||||
failures[lvl].append("consider using DHE of at least 2048bits and ECC of at least 256bits")
|
||||
failures[lvl].append("consider using DHE of at least 2048bits and ECC of 256bits and greater")
|
||||
if not has_ocsp:
|
||||
failures[lvl].append("consider enabling OCSP Stapling")
|
||||
if results['serverside'] != 'True':
|
||||
@ -266,7 +266,7 @@ def is_modern(results):
|
||||
failures[lvl].append("use a certificate signed with %s" % " or ".join(modern["certificate_signatures"]))
|
||||
ismodern = False
|
||||
if not has_pfs:
|
||||
failures[lvl].append("use DHE of at least 2048bits and ECC of at least 256bits")
|
||||
failures[lvl].append("use DHE of at least 2048bits and ECC of at 256bits and greater")
|
||||
ismodern = False
|
||||
if not has_ocsp:
|
||||
failures[lvl].append("consider enabling OCSP Stapling")
|
||||
|
Loading…
Reference in New Issue
Block a user