On Sat, Dec 14, 2013 at 4:47 PM, Kosuke Kaizuka <cai.0...@gmail.com> wrote:

> > little supported, never negotiated cipher
>
> One of the largest websites which support Camellia is Yahoo!.
> Firefox 26 or lower uses TLS_RSA_WITH_CAMELLIA_256_CBC_SHA with Yahoo!.
>

In Firefox 27 or later, Yahoo! will choose TLS_RSA_WITH_AES_128_CBC_SHA
instead, because of the cipher suite order change in Firefox 27.

In case people are curious how the cipher suite order has changed servers'
selection of cipher suites between Firefox 26 beta and Firefox 27 beta,
here is a table:

 Fx26    Fx27   Change   Cipher Suite
 0.00%  14.15%  +14.15%  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (new)
 0.00%   8.30%   +8.30%  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (new)
 0.74%   0.27%   -0.47%  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
 0.00%   0.00%       -   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 1.97%   0.49%   -1.48%  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 0.00%   0.00%       -   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 0.00%   0.00%       -   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
10.22%   0.48%   -9.74%  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
 6.75%   0.11%   -6.64%  TLS_ECDHE_RSA_WITH_RC4_128_SHA
 0.89%   5.64%   +4.75%  TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 0.00%   0.00%       -   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
 2.66%   0.58%   -2.08%  TLS_DHE_RSA_WITH_AES_256_CBC_SHA
 2.38%   0.03%   -2.35%  TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
 0.00%   0.01%   +0.01%  TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 0.00%   0.00%       -   TLS_DHE_DSS_WITH_AES_128_CBC_SHA
 0.00%   0.00%       -   TLS_DHE_DSS_WITH_AES_256_CBC_SHA
 3.77%  26.26%  +22.50%  TLS_RSA_WITH_AES_128_CBC_SHA
 0.00%   0.00%       -   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
21.40%   0.90%  -20.50%  TLS_RSA_WITH_AES_256_CBC_SHA
 3.18%   0.00%   -3.18%  TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
 0.00%   0.00%       -   TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (removed)
 0.04%   0.18%   +0.13%  TLS_RSA_WITH_3DES_EDE_CBC_SHA
 0.00%   0.00%       -   TLS_RSA_WITH_SEED_CBC_SHA (removed)
41.17%  37.57%   -3.60%  TLS_RSA_WITH_RC4_128_SHA
 4.83%   5.03%   +0.21%  TLS_RSA_WITH_RC4_128_MD5

Interestingly:

* AES-128 has largely replaced AES-256 because AES-128 was moved ahead of
AES-256.
* AES-GCM has largely replaced RC4 amongst sites doing ECDHE key exchange.
* Camellia usage dropped from >5% to close to 0% because AES cipher suites
were moved ahead of their corresponding Camellia cipher suites.
* Virtually no site was using SEED.
* There was a ~4% increase in ephemeral key exchange usage, almost all of
which was due to increased adoption of ECDHE.

Cheers,
Brian
-- 
Mozilla Networking/Crypto/Security (Necko/NSS/PSM)
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
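
The aggregate shares behind the bullet points in the message above can be recomputed from its table. This is an added example, not part of the original message; grouping suites by substrings of their names is a choice made for this sketch.

```python
# Percentages copied from the table in the message: Fx26, Fx27, cipher suite.
TABLE = """
0.00 14.15 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
0.00 8.30 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
0.74 0.27 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
0.00 0.00 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
1.97 0.49 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
0.00 0.00 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
0.00 0.00 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
10.22 0.48 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
6.75 0.11 TLS_ECDHE_RSA_WITH_RC4_128_SHA
0.89 5.64 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
0.00 0.00 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2.66 0.58 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2.38 0.03 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
0.00 0.01 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
0.00 0.00 TLS_DHE_DSS_WITH_AES_128_CBC_SHA
0.00 0.00 TLS_DHE_DSS_WITH_AES_256_CBC_SHA
3.77 26.26 TLS_RSA_WITH_AES_128_CBC_SHA
0.00 0.00 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
21.40 0.90 TLS_RSA_WITH_AES_256_CBC_SHA
3.18 0.00 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
0.00 0.00 TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
0.04 0.18 TLS_RSA_WITH_3DES_EDE_CBC_SHA
0.00 0.00 TLS_RSA_WITH_SEED_CBC_SHA
41.17 37.57 TLS_RSA_WITH_RC4_128_SHA
4.83 5.03 TLS_RSA_WITH_RC4_128_MD5
"""
ROWS = [line.split() for line in TABLE.split("\n") if line.strip()]

def share(*needles):
    """(Fx26, Fx27) totals, in percent, over suites containing every needle."""
    hit = [(float(a), float(b)) for a, b, s in ROWS if all(n in s for n in needles)]
    return round(sum(a for a, _ in hit), 2), round(sum(b for _, b in hit), 2)

def summary():
    return {
        "camellia": share("CAMELLIA"),
        "ephemeral": share("DHE_"),  # substring matches TLS_DHE_ and TLS_ECDHE_
        "ecdhe": share("ECDHE_"),
        "ecdhe_rc4": share("ECDHE_", "RC4"),
        "aes_gcm": share("GCM"),
        "aes_128": share("AES_128"),
        "aes_256": share("AES_256"),
    }

if __name__ == "__main__":
    for name, (fx26, fx27) in summary().items():
        print(f"{name:10} {fx26:6.2f}% -> {fx27:6.2f}%  ({fx27 - fx26:+.2f})")
```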