Re: Government of Mauritius website allows weak security

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: S Moonesamy <sm+mu_at_elandsys.com>
Date: Mon, 29 Jun 2015 09:51:22 -0700

Hi Ish,
At 03:30 29-06-2015, Ish Sookun wrote:
>That would be a good reason for not giving biometric data to the
>government :-) www.govmu.org responds from 202.123.27.113 and
>mail.govmu.org responds from 202.123.27.102. Both of them accept
>TLS_RSA_WITH_RC4_128_MD5.
>
>I mentioned that one applies RFC 7465 unless there is a reason for
>not doing so. Does the government have one? Hmm. It should be asked
>to the related government agency.

Please see
http://lists.elandnews.com/archive/mauritius/internet-users/2015/05/1787.html

>In the earlier email, I mentioned MCB Internet Banking (ib.mcb.mu)
>supports TLS_RSA_WITH_RC4_128_MD5. I would expect the Mauritius
>Commercial Bank to be more security conscious than government agencies.

Is https://ib.ncbl.mu secure?

Regards,
S. Moonesamy
Received on Mon Jun 29 2015 - 16:54:50 PST

This archive was generated by hypermail 2.3.0 : Mon Jun 29 2015 - 17:00:02 PST