Closed
Bug 1051210
Opened 10 years ago
Closed 10 years ago
Firefox 31 doesn't supports the industry recommended best HTTPS ciphers.
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 975832
People
(Reporter: ezegyemailcim123, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 (Beta/Release)
Build ID: 20140715215148
Steps to reproduce:
$ openssl ciphers | sed 's/:/\n/g' | head -4
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
$
If we set the previous ciphers on our webservers (only allowing these, no others), then Firefox cannot connect to the HTTPS server, because the ciphers are not supported by it.
Client webbrowser's useragent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0
package:
31.0+build1-0ubuntu0.12.04.1
Expected results:
Firefox, as the leading Open Source webbrowser should worry more about security- and thus, should support ciphers that are listed as supported in openssl.
If a webserver can be configured to use "ECDHE-RSA-AES256-GCM-SHA384" then an average webbrowser should support it!
Comment 1•10 years ago
|
||
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•