Home > Uncategorized > Hubert’s TLS Scan results for September 2014

Hubert’s TLS Scan results for September 2014


I’ve been enjoying watching these trends.

securitypitfalls

Ciphers

This time the results are not really different from past month’s ones. About two percent of servers more use SHA-256 signed certificates and 1% more has configuration that allows negotiation of PFS suites.

Small change to reported results: I’ve added “Insecure” entry which counts the number of servers that will use completely insecure cipher suite like single DES, RC2 or export grade ciphers. It doesn’t include the “controversial but not broken” IDEA and SEED ciphers.

SSL/TLS survey of 402742 websites from Alexa's top 1 million Stats only from connections that did provide valid certificates (or anonymous DH from servers that do also have valid certificate installed) Supported Ciphers         Count     Percent -------------------------+---------+------- 3DES                      349454    86.7687 3DES Only                 164       0.0407 AES                       374868    93.0789 AES Only                  1017      0.2525 AES-CBC Only              553       0.1373 AES-GCM                   172322    42.7872 AES-GCM Only              7         0.0017 CAMELLIA                  170577    42.3539 CHACHA20                  15137     3.7585 Insecure                  79666     19.7809 RC4                       355750    88.332 RC4…

View original post 1,216 more words

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s