2194 shaares
908 private links
908 private links
Currently, CryptCheck gives note from G for the worst sites to A+ for the best ones.
Scoring is based on the fact that TLS handshake is not authenticated, and so an attacker can force to use whatever cipher he wants as soon as both client and server support it, with a downgrade attack as simple as modify TCP packets on the fly.