SSL Labs: a batch of small improvements
I love when a project enters the phase where you're mainly concerned with improving upon what already works! I had some time yesterday and today to spend on SSL Labs so I used the opportunity to tweak the software a bit. The changes are as follows:
- Successful assessments are now cached for 24 hours.
- Unsuccessful assessments are now cached for 15 minutes.
- Display complete certificate chains, and make clear which certificates are trusted.
- Do more to detect SSLv2 error responses (a polite way for a site to say that it does not support SSLv2).
- Use colours and tags ("weak", "insecure", "confusing") to point to the bits in a configuration that are bad or can be improved.
I also fixed a bug or two, but that's not very important.