Thanks, Jeroen. Yes, you are right. All of www.gutenberg.org is accessible as http:// and https://, to make it easier for people to access if they are having trouble with https://. - Greg On Wed, Feb 22, 2017 at 08:06:27AM +0000, jeroen@bohol.ph wrote:
Hi Greg, Carlo,
This issue is hard to solve. Due to various vulnerabilities in SSL/TLS, most older cypher-suites have been retired and phased out, and as a result, older browsers are basically left in the dark. At this point in time, only TLS version 1.2 is considered good enough (as far as you can consider the certificate structure underlying TLS secure, there are some significant issues here as well; current browsers trust half the world, including the governments of the US, Russia and China to guaranty certificates; my suggestion would be to only trust certificates if the country of issuance corresponds with the country of the site, but this is diversion...).
No security is is better than fake security, so it is better to default back to plain HTTP, than give a false sense of security by allowing older versions of TLS/SSL on the server. The server rightly refuses to do so.
For some background: https://en.wikipedia.org/wiki/Transport_Layer_Security
Regards,
Jeroen.
Quoting Greg Newby <gbnewby@pglaf.org>:
Thanks, Carlo. We haven't had other error reports for Firefox 20.0.
One problem I know about, but haven't been able to solve, is MSIE11 with Windows 7. Best, - Greg
On Tue, Feb 21, 2017 at 11:45:46PM +0100, traverso@dp.dm.unipi.it wrote:
I have a computer with an old firefox (20.0) and I cannot connect with it to PG, I receive an error page: ------------------------------------------------- Secure Connection Failed
An error occurred during a connection to www.gutenberg.org.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site. -------------------------------------------------
Not a problem for me (I use another browser) but might be a problem for other users. I don't have the same problem on other https sites.
Carlo
_______________________________________________ gutvol-d mailing list gutvol-d@lists.pglaf.org http://lists.pglaf.org/mailman/listinfo/gutvol-d
_______________________________________________ gutvol-d mailing list gutvol-d@lists.pglaf.org http://lists.pglaf.org/mailman/listinfo/gutvol-d