Closed Bug 1051210 Opened 6 years ago Closed 6 years ago
Firefox 31 doesn't supports the industry recommended best HTTPS ciphers
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 (Beta/Release) Build ID: 20140715215148 Steps to reproduce: $ openssl ciphers | sed 's/:/\n/g' | head -4 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA384 $ If we set the previous ciphers on our webservers (only allowing these, no others), then Firefox cannot connect to the HTTPS server, because the ciphers are not supported by it. Client webbrowser's useragent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 package: 31.0+build1-0ubuntu0.12.04.1 Expected results: Firefox, as the leading Open Source webbrowser should worry more about security- and thus, should support ciphers that are listed as supported in openssl. If a webserver can be configured to use "ECDHE-RSA-AES256-GCM-SHA384" then an average webbrowser should support it!
Firefox bug 975832 NSS bug 973755 Work needed in bug 951455 & bug 923089 to implement
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 975832
You need to log in before you can comment on or make changes to this bug.