AnsweredAssumed Answered

SSL behavior on Windows XP with Firefox - beast mitigation with AES128 ?

Question asked by _ck_ on Sep 7, 2013
Latest reply on Sep 16, 2013 by Ivan Ristić

One environment the ssllabs test unfortunately does not show is Windows XP with Firefox.

 

I've noticed if I work out a cipher list that achieves Beast mitigation, it will typically cause Firefox on XP to go into RC4

 

Is it possible to get Firefox on XP to use AES128 (for server-side performance w/AESNI acceleration) over RC4 while still blocking beast?

 

I've attempted this for several hours of tinkering now, so I give up.

 

Would love to hear if it's theoretically possible and what to try.

 

Server side is nginx with openssl 1.0.1e with EC enabled for FS

 

Thanks for any suggestions.

Outcomes