Re: Where are others SHA256 cipher suits in Firefox 27?
Another reason to enable DHE_RSA_AES_*_GCM: Mozilla's new account system only supports RSA and DHE_RSA ciphers: https://www.ssllabs.com/ssltest/analyze.html?d=accounts.firefox.com Same goes for mozilla.org and bugzilla. -- View this message in context: http://mozilla.6506.n7.nabble.com/Where-are-others-SHA256-cipher-suits-in-Firefox-27-tp306678p311535.html Sent from the Mozilla - Cryptography mailing list archive at Nabble.com. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Where are others SHA256 cipher suits in Firefox 27?
On 2014-03-23 11:43, gegard4321 wrote: Another reason to enable DHE_RSA_AES_*_GCM: Mozilla's new account system only supports RSA and DHE_RSA ciphers: https://www.ssllabs.com/ssltest/analyze.html?d=accounts.firefox.com Same goes for mozilla.org and bugzilla. On the server side, we are working to support better TLS. See this Tracker bug: https://bugzilla.mozilla.org/show_bug.cgi?id=901393 Depending on the technology used, not all ciphers are available on all sites. But I can already tell you that accounts.firefox.com will support ECDHE and AES-GCM. - Julien -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Where are others SHA256 cipher suits in Firefox 27?
On Sun, Mar 23, 2014 at 08:43:35AM -0700, gegard4321 wrote: Another reason to enable DHE_RSA_AES_*_GCM: Mozilla's new account system only supports RSA and DHE_RSA ciphers: https://www.ssllabs.com/ssltest/analyze.html?d=accounts.firefox.com Same goes for mozilla.org and bugzilla. Firefox selects TLS_DHE_RSA_WITH_AES_128_CBC_SHA, while chrome selects TLS_DHE_RSA_WITH_AES_128_GCM_SHA256. And I would really prefer the GCM version over the CBC version. Please add support for TLS_DHE_RSA_WITH_AES_*_GCM_SHA*, which currently probably means TLS_DHE_RSA_WITH_AES_128_GCM_SHA256. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Where are others SHA256 cipher suits in Firefox 27?
On the server side, we are working to support better TLS. Thanks for the information. Please also have a look at AMO, it doesn't even support TLS 1.2 and Forward Secrecy: https://www.ssllabs.com/ssltest/analyze.html?d=addons.mozilla.org -- View this message in context: http://mozilla.6506.n7.nabble.com/Where-are-others-SHA256-cipher-suits-in-Firefox-27-tp306678p311571.html Sent from the Mozilla - Cryptography mailing list archive at Nabble.com. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
