test
qdiscover.primumterminus.com:443 · 2026-05-19 ·
Pentest
1 Critical
Executive Summary
CLASSICAL
TLS Classification
TLSv1.3
TLS Version
2
Total Findings
50
Risk Score
1 Critical
1 Medium
TLS / Cryptographic Findings
CRITICAL
Classical TLS Key Exchange on qdiscover.primumterminus.com:443
Harvest window
~10 years
~10 years
The endpoint qdiscover.primumterminus.com:443 negotiates TLS using a classical key exchange group (EC certificate). This is vulnerable to harvest-now-decrypt-later attacks. A quantum adversary recording this traffic today can decrypt it in approximately 10 years when cryptographically relevant quantum computers arrive.
Remediation:
Deploy Qveil in front of this endpoint to add ML-KEM-768 hybrid TLS. Zero backend changes required. Alternatively, migrate to a PQC-capable TLS stack.
SC-8SC-13SC-23
SC.3.177SC.3.185
MEDIUM
ECDSA Certificate on qdiscover.primumterminus.com:443
Harvest window
~12 years
~12 years
The certificate at qdiscover.primumterminus.com:443 uses ECDSA, which is vulnerable to Shor's algorithm on a quantum computer. While more resistant than RSA, ECDSA certificates will become forgeable as quantum computing matures.
Remediation:
Migrate to ML-DSA-65 certificates via Qid.
SC-8SC-17
SC.3.177