--- /dev/null
+www.cduniverse.com
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ SSL_RSA_WITH_DES_CBC_MD5
+ root: RSA Secure Server CA
+ resumable session via sslViewer? yes
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ SSL_RSA_WITH_RC4_128_SHA
+ SSL_RSA_WITH_DES_CBC_SHA
+ root: RSA Secure Server CA
+ pass root cert? NO
+ send close alert? NO
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? sometimes
+
+ TLSv1? yes
+
+www.amazon.com 208.216.182.15
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ SSL_RSA_WITH_DES_CBC_MD5
+ root: RSA Secure Server CA
+ resumable session via sslViewer? yes
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ SSL_RSA_WITH_RC4_128_SHA
+ SSL_RSA_WITH_DES_CBC_SHA
+ root: RSA Secure Server CA
+ pass root cert? NO
+ send close alert? YES
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? unknown
+
+ TLSv1? yes
+
+store.apple.com 17.254.3.41
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? unknown
+
+ v3: none - only does V2
+ export: n/a
+ domestic: n/a
+ root: n/a
+ pass root cert? n/a
+ send close alert? n/a
+
+ TLSv1? no
+
+www.dvdexpress.com 208.228.126.81
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ pass root cert? NO
+ send close alert? NO
+
+www.xdss.com 204.33.235.33
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: old RSA Secure Server CA, expires 12/99
+ pass root cert? YES
+ send close alert? YES
+ resumable session via sslViewer? NO - MAC errors (Triple DES OK)
+
+ TLSv1? no
+
+accounts2.keybank.com 156.77.100.194
+ v2 :
+ export: ?
+ domestic: ?
+ root: VeriSign International Server CA - Class 3
+ (note this isn't a known root!)
+ Note this server can't be verified in SSL2 mode
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Verisign Class 3 Public Primary CA
+ pass root cert? NO
+ send close alert? NO
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? no, not attempted
+
+ TLSv1? yes
+
+cdnow.com 209.83.166.2
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ Note: no server key exchange message!
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: RSA Secure Server CA
+ pass root cert? NO
+ send close alert?
+ resumable session via URLAccess? TBD
+
+ TLSv1? yes as of 5/1/02
+
+www.proteron.com 206.132.170.39
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Thawte Server CA
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Thawte Server CA
+ pass root cert? NO
+ send close alert? YES
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? no, not attempted
+
+ TLSv1? yes
+
+www.starnine.com
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Equifax Secure E-Business CA-2, UNKNOWN
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Thawte Server CA (verifier Equifax Secure E-Business CA-2)
+ -- end-of-chain expired Jul 10, 2001
+ pass root cert? NO
+ send close alert? NO
+
+config.puretec.de
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Thawte Server CA
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Thawte Server CA
+ pass root cert? NO
+ send close alert? NO
+ resumable session via sslViewer? no
+
+ TLSv1? yes
+
+comhome.comdirect.de /de/comhome/login/index_login.html
+ v2 :
+ export: ?
+ domestic: ?
+ root: VeriSign International Server CA - Class 3 - UNKNOWN
+
+ v3:
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Verisign Class 3 Public Primary Certification Authority
+ pass root cert? NO
+ send close alert? NO
+ resumable session via sslViewer? no
+
+www.yellownet.ch
+ v2 :
+ export: ?
+ domestic: ?
+ root: VeriSign International Server CA - Class 3
+ (note this isn't a known root!)
+ Note this server can't be verified in SSL2 mode
+ v3:
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Verisign Class 3 Public Primary CA
+ pass root cert? NO
+ send close alert? YES
+ resumable session? NO
+
+www.thawte.com
+ v2 :
+ export: SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Thawte Server CA
+ v3:
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Thawte Server CA
+ pass root cert? NO
+ send close alert? YES
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? no, not attempted
+
+ TLSv1? yes
+
+banking.wellsfargo.com
+ v2 :
+ export: ?
+ domestic: ?
+ root: VeriSign International Server CA - Class 3
+ (note this isn't a known root!)
+ Note this server can't be verified in SSL2 mode
+ v3:
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: Verisign Class 3 Public Primary CA
+ pass root cert? YES
+ send close alert? YES
+ resumable session via sslViewer? yes, but >4 loops required
+ resumable session via URLAccess? YES
+
+gen2.aeacu.com
+ v2 :
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+
+ v3:
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA (expires 10/11/01)
+ pass root cert? YES
+ send close alert? NO
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? not attempted
+
+ TLSv1? yes
+
+secure.authorize.net
+ v2 :
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+
+ v3:
+ domestic: SSL_RSA_WITH_RC4_128_MD5
+ root: RSA Secure Server CA
+ pass root cert? NO
+ send close alert? NO
+ resumable session via sslViewer? sometimes - server rejects some attempts
+ resumable session via URLAccess? unknown
+
+ TLSv1? yes
+
+mail.wwc.com
+ v2 :
+ domestic: SSL_NULL_WITH_NULL_NULL!
+ root: None! errSSLClosedGraceful!
+
+ v3:
+ domestic: SSL_RSA_WITH_RC4_128_SHA
+ root: Stalker Software, Inc. (Unknown)
+ pass root cert? NO
+ send close alert? YES
+
+www.cynic.org
+ v2 :
+ domestic: SSL_RSA_WITH_RC4_128_MD5!
+ root: Cynics At Large Certificate Authority(Unknown)
+
+ v3:
+ domestic: SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ root: Cynics At Large Certificate Authority(Unknown AND expired)
+ pass root cert? YES
+ send close alert? NO
+ resumable session via sslViewer? yes
+ resumable session via URLAccess? unknown - illegal root cert
+....................................................
+
+Supported CipherSuites
+
+SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ www.amazon.com v3
+ www.proteron.com v3
+ www.starnine.com v3
+
+SSL_RSA_WITH_3DES_EDE_CBC_MD5 (v2 only)
+ www.proteron.com
+
+SSL_RSA_WITH_RC4_128_SHA
+ www.amazon.com v3
+ cdu1.cduniverse.com v3
+
+SSL_RSA_WITH_RC4_128_MD5
+ just about everyone, both v2 and v3
+
+SSL_RSA_WITH_DES_CBC_SHA
+ www.amazon.com v3
+ cdu1.cduniverse.com v3
+
+SSL_RSA_WITH_DES_CBC_MD5
+ www.amazon.com v2
+ cdu1.cduniverse.com v2
+
+SSL_RSA_EXPORT_WITH_RC4_40_MD5
+ just about everyone, both v2 and v3
+
+SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
+ www.amazon.com v3
projects / apple / security.git / blobdiff