Little more than a week ago I posted about the Security Certs for NS 3.8. I was not aware at that time that NS 3.9 was already available (I was using a link provided for D/L of 3.8). Since there has been other bugs/problems, I thought to provide the actual results. The location of this Qualys Client Test is
https://www.ssllabs.com/ssltest/viewMyClient.html Presuming the Certs are within NS 3.8, it would appear that the "weak" certs be removed for added security. I did not receive an answer to the question if the certs are tapped from the Distribution or the Browser. So, here are the results... Protocols TLS 1.3 No TLS 1.2 Yes* TLS 1.1 Yes* TLS 1.0 Yes* SSL 3 Yes* SSL 2 No Cipher Suites (in order of preference) TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Forward Secrecy 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Forward Secrecy 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) WEAK 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) WEAK 256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Forward Secrecy 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Forward Secrecy 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) WEAK 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023) WEAK 128 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) Forward Secrecy 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) WEAK 256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) Forward Secrecy 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) WEAK 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) WEAK 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) WEAK 256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) WEAK 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) WEAK 128 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) WEAK 256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) WEAK 128 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128 TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0xff) - (1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh. Protocol Details Server Name Indication (SNI) Yes Secure Renegotiation Yes TLS compression No Session tickets Yes OCSP stapling No Signature algorithms SHA512/RSA, SHA512/DSA, SHA512/ECDSA, SHA384/RSA, SHA384/DSA, SHA384/ECDSA, SHA256/RSA, SHA256/DSA, SHA256/ECDSA, SHA224/RSA, SHA224/DSA, SHA224/ECDSA, SHA1/RSA, SHA1/DSA, SHA1/ECDSA Named Groups secp256r1, secp521r1, brainpoolP512r1, brainpoolP384r1, secp384r1, brainpoolP256r1, secp256k1, sect571r1, sect571k1, sect409k1, sect409r1, sect283k1, sect283r1 Next Protocol Negotiation Yes Application Layer Protocol Negotiation No SSL 2 handshake compatibility No Regards Paul S. in CT