Closed Bug 1051210 Opened 10 years ago Closed 10 years ago

Firefox 31 doesn't supports the industry recommended best HTTPS ciphers.

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
31 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 975832

People

(Reporter: ezegyemailcim123, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 (Beta/Release)
Build ID: 20140715215148

Steps to reproduce:

$ openssl ciphers | sed 's/:/\n/g' | head -4
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
$ 

If we set the previous ciphers on our webservers (only allowing these, no others), then Firefox cannot connect to the HTTPS server, because the ciphers are not supported by it. 

Client webbrowser's useragent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0

package:
31.0+build1-0ubuntu0.12.04.1



Expected results:

Firefox, as the leading Open Source webbrowser should worry more about security- and thus, should support ciphers that are listed as supported in openssl. 

If a webserver can be configured to use "ECDHE-RSA-AES256-GCM-SHA384" then an average webbrowser should support it!
Firefox bug 975832
NSS bug 973755

Work needed in bug 951455 & bug 923089 to implement
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.