I have an Apache openssl site that was tested by your testing process in 2012. At that time it reported these 2 lines (in addition to others).
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits (p: 128, g: 1, Ys: 128)
I have not changed my openssl.conf file for the supported Cipher Strings. The base version of openssl is still 0.9.7d with patches for security vulnerabilities.
Today if you run the scan on the same site, it reports those as 112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 1024 bits (p: 128, g: 1, Ys: 128) FS
I understand that the 112 to prevent the meet-in-the-middle attach (if I am descibing that correctly).
Why is there a change in what is being reported here please? Did the tool upgrade to report it differently please?
Thank you very much.