Hi, On 15 November 2013 02:33, Peter Saint-Andre <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Matthew Wild has run some analytics on SSL/TLS versions negotiated > over a period of time at the jabber.org XMPP service. The percentages > were roughly as follows: > > TLS 1.0 72% > TLS 1.2 21% > TLS 1.1 4% > SSLv3 3%
Quick note: I consider these preliminary results, they've had very little processing and should be taken with a pinch of salt. For example, I had to filter out some spammer who was abusing the service with a single client and severely skewing the results. It's important to note that these are a series of handshakes over a period of time (~12h I think), and not a snapshot of connected clients at a single point in time - thus they might include reconnects and other biases. We saw somewhat different ratios on dukgo.com, which has a smaller but large userbase - however I believe dukgo.com users are heavily skewed towards Pidgin because of the tutorial they provide. Stats from there: TLS 1.0 66.4% TLS 1.1 16.7% TLS 1.2 16.6% SSL 3.0 0.2% I'm still trying to play with the data and get results I'm more confident in, and will post with more details when I have done so. As they say: beware lies, damned lies and statistics. Regards, Matthew _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
