SSL Security Scoring Rubric
Grading Scale
| Grade | Score Range | Description |
|---|---|---|
| A+ | 95-100 | Exceptional security implementation with no improvements needed |
| A | 85-94 | Strong security with minor potential improvements |
| B | 75-84 | Good security with some recommended improvements |
| C | 65-74 | Adequate security with several recommended improvements |
| D | 55-64 | Weak security requiring significant improvements |
| F | 0-54 | Critical security issues requiring immediate attention |
Scoring Criteria
Protocol Version (-30 points)
Using outdated TLS versions (TLS 1.0 or 1.1)
Key Strength (-20 points)
Using key size less than 2048 bits
Certificate Validity Period (-10 points)
Certificate validity longer than 825 days
Subject Alternative Names (-10 points)
Missing SAN extension
Authority Key Identifier (-5 points)
Missing Authority Key Identifier extension