AnsweredAssumed Answered

Suggestion how to simplify grading of SSLTest

Question asked by j-mailor on Jan 12, 2015
Latest reply on Jan 16, 2015 by Ivan Ristić


I have been reading the SSL Server Rating Guide (it looks little bit outdated document) and also investigating the grading itself and I think grading got from simple to pretty complicated. I have a suggestion how to drastically simplify the grading.


I suggest to put the tests into grade groups. How to group? If test fails then it goes into that grade group. For each grade write if server passed the test or failed. How to get a grade? See where is the worst group where failed test appears.


P.S. I just copy/pasted the current labels, but the text should be sometimes changes like now: "This server accepts the RC4 cipher, which is weak" to "RC4 cipher disabled - Passed".



In the sample above there are two "Failed" test at A and A-. Because A- is the worst grade where Failed appeared the grade is A-.


EDIT: I see I copied the same text to fields A and A-, which is a mistake. One test should only be in one grade group.