One environment the ssllabs test unfortunately does not show is Windows XP with Firefox.
I've noticed if I work out a cipher list that achieves Beast mitigation, it will typically cause Firefox on XP to go into RC4
Is it possible to get Firefox on XP to use AES128 (for server-side performance w/AESNI acceleration) over RC4 while still blocking beast?
I've attempted this for several hours of tinkering now, so I give up.
Would love to hear if it's theoretically possible and what to try.
Server side is nginx with openssl 1.0.1e with EC enabled for FS
Thanks for any suggestions.