SSL/TLS i think it needs care in some of the website parts:-
Good day,
that’s odd, mine says under “Verified by”: “StartCom Ltd”, so everything ok there.
To be honest, “whonix.org” actually uses a quite ingenious implementation of TLS 1.2, even the elliptic curve based diffie-hellman key exchange is applied, something some banks still don’t enforce.
Have nice day,
Ego
yeah correct the website need to be re-checked for hardening, @fortasse can u check why this is happening? and hope u can fix them.
@TNT_BOM_BOM, I can’t actually replicate this. Can you try clearing your cache and reconnecting?
Because we enforce HSTS, you shouldn’t even be able to connect to us without HTTPS. Maybe it’s a browser bug?
its not the first time this is happening.
not a browser bug i have checked the forum with Zaproxy (which i really advise u to use it for its accuracy & vulnerability updates + solutions) it showed up there r mixed connections of http/https. and actually gave many good issues with its solutions, i recommend to download it and check that for urself.
also why dont we use Lets Encrypt project certificate ?
Good day,
The certificate currently used is far superior in any aspect to the ones “Let’s encrypt” offers.
Have a nice day,
Ego
u mean stronger ?
Good day,
yes, very much.
Have a nice day,
Ego