Updates to SSL Labs testing methods in 2017.

  • Tom's Harware reporting on an announcement from Qualys.

    The highlights:

    • 3DES will be penalized
    • Forward Secrecy required for an A rating
    • lAEAD suites required for an A+ rating (ChaCha20-Poly1305 and AES-GCM)
    • All ciphers weaker than 128bits will receive an F
    • SHA1 depreciated

    What tools do you like to use to check website security?