Hi,
After finding out about CVE-2009-3555 [1], I changed my Firefox
settings to not allow connections to HTTPS-websites that allow
old-style SSL-handshakes. That has had some interesting results - last
week I asked my bank (the largest in the Netherlands) to upgrade their
web server. Facebook, Microsoft, bit.ly and many others have this
problem in some way or another.
Could Perspectives be a project to also check aspects of TLS usage
other than certificates, such as this?
Other aspects could be use of DNSSEC and TLSA, allowing SSLv3
connections etc., but I wouldn't know if Perspectives is the best
project to take on any of this, let alone what to prioritise.
Just a thought...
Greetings from Ben
[1]: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555