[Cyberduck-trac] [Cyberduck] #7637: TLS 1.1-1.2 support (better, secure protocols)

Cyberduck trac at trac.cyberduck.io
Sun Nov 24 19:01:36 UTC 2013 

#7637: TLS 1.1-1.2 support (better, secure protocols)
-------------------------+----------------------
 Reporter:  wwwpixime    |         Owner:
     Type:  enhancement  |        Status:  new
 Priority:  lowest       |     Milestone:
Component:  core         |       Version:  4.4.2
 Severity:  normal       |    Resolution:
 Keywords:               |  Architecture:
 Platform:               |
-------------------------+----------------------
Description changed by wwwpixime:

Old description:

> hi David,
>
> This feature request may not be on demand, but I'll just propose this
> hoping it will be reconsidered in the future versions.
>
> I've setup 5 public WebDAV targets for developer testing (Login:
> webdav/webdav)
>
> https://dav.pixi.me/ (no SSLv3, supports TLSv1-1.2 - Apache/mod_dav
> framework)
> https://tlsv11.pixi.me/ (no SSLv3, supports TLSv1.1 only -Apache/mod_dav
> framework)
> https://tlsv12.pixi.me/ (no SSLv3, supports TLSv1.2 only - Apache/mod_dav
> framework)
> http://dav.negimaki.com/ (no SSL/TLS required - Apache/mod_dav framework)
>
> https://g2.pixi.me/w/webdav/ (no SSLv3, supports TLSv1-1.2 - Gallery 2
> WebDAV module framework) - ** uploads will render 0 bytes because
> Cyberduck only supports certain types of WebDAV frameworks, mainly
> Apache/mod_dav **
>
> ciphers we use (in Server preferred order):
>
> ECDHE-RSA-AES256-GCM-SHA384
> ECDHE-RSA-AES128-GCM-SHA256
> ECDHE-RSA-RC4-SHA
> ECDHE-RSA-AES256-SHA384
> ECDHE-RSA-AES128-SHA256
> ECDHE-RSA-AES128-SHA
> RC4-SHA
>
> Per target, my testing involves these actions:
>
> - upload/rename/delete files of various types (image, docs, pdfs)
> - upload/rename/delete/move folders
>
> I'll update the entry for Cyberduck (both platforms) in
> https://pixi.me/webdav.php#matrix whenever these enhancement request will
> get implemented in the future.
>
> Thanks again!
>
> Best regards,
>
> Steve Caturan

New description:

 hi David,

 This feature request may not be on demand, but I'll just propose this
 hoping it will be reconsidered in the future versions.

 I've setup 5 public WebDAV targets for developer testing (Login:
 webdav/webdav)

 - https://dav.pixi.me/ (no SSLv3, supports TLSv1-1.2 - Apache/mod_dav
 framework)
 - https://tlsv11.pixi.me/ (no SSLv3, supports TLSv1.1 only -Apache/mod_dav
 framework)
 - https://tlsv12.pixi.me/ (no SSLv3, supports TLSv1.2 only -
 Apache/mod_dav framework)
 - http://dav.negimaki.com/ (no SSL/TLS required - Apache/mod_dav
 framework)

 - https://g2.pixi.me/w/webdav/ (no SSLv3, supports TLSv1-1.2 - Gallery 2
 WebDAV module framework) - ** uploads will render 0 bytes because
 Cyberduck only supports certain types of WebDAV frameworks, mainly
 Apache/mod_dav **

 ciphers we use (in Server preferred order):

 - ECDHE-RSA-AES256-GCM-SHA384
 - ECDHE-RSA-AES128-GCM-SHA256
 - ECDHE-RSA-RC4-SHA
 - ECDHE-RSA-AES256-SHA384
 - ECDHE-RSA-AES128-SHA256
 - ECDHE-RSA-AES128-SHA
 - RC4-SHA

 Per target, my testing involves these actions:

 - upload/rename/delete files of various types (image, docs, pdfs)
 - upload/rename/delete/move folders

 I'll update the entry for Cyberduck (both platforms) in
 https://pixi.me/webdav.php#matrix whenever these enhancement request will
 get implemented in the future.

 Thanks again!

 Best regards,

 Steve Caturan

--

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/7637#comment:1>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list