[nSLUG] Wikipedia changes/limits protocols?
D G Teed
donald.teed at gmail.com
Mon Jul 13 12:11:11 ADT 2015
On Mon, Jul 13, 2015 at 3:16 AM, Mike Spencer <mspencer at tallships.ca> wrote:
> This is kinda OT; it's about a network difficulty with HTTPS.
> Wikipedia recently went to HTTPS-only. That was a bother.
> Now I can't access it at all except with "wget --no-check-certificate".
> My "new" browser is an old version of Firefox. FF reports:
> The connection was reset
> The connection to the server was reset while the page was loading.
> and Wireshark shows repeated instances of this transaction:
> TCP 32998 > https [SYN]
> TCP https > 32998 [SYN, ACK]
> TCP 32998 > https [ACK]
> SSLv2 Client Hello
> TCP https > 32998 [ACK]
> TCP https > 32998 [RST, ACK]
> each with a new local port number.
> Does this mean that Wikipedia is just flatly refusing, at the protocol
> level, requests to do HTTPS via SSL? That they're demanding TLS or some
> other security protocol that I don't know about? Anybody know exactly
> what's going on here?
> Yeah, I know there's talk about SSL having flaws and being deprecated.
> But why (if the answer to the above question is "yes") is WP getting
> all hard-case about encryption? I don't care if the NSA or CSEC or
> GCHQ or anybody else can see what I read on WP. If I did, traffic
> analysis would get me anyhow. I don't get my newspaper by private
> courier in a Plain Brown Wrapper.
I would guess your wget is out of date. Mine on Debian 7 or 8 works fine
There have been many things deprecated in the last year or so around SSL.
It doesn't really matter what it is, unless you really want to know a lot
more about encryption, ciphers and that lot. I think you'll find updates
will remedy the picture, assuming you have an OS with package management
which will bring in the library and dependency updates.
More information about the nSLUG