AnsweredAssumed Answered

Is forward secrecy in the protocols section of the report broken?

Question asked by Dkyeager on Sep 20, 2013
Latest reply on Sep 30, 2013 by Ivan Ristić

For example, https://login.bloomberg.com ( https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Flogin.bloomberg.com&hideResults=on) under the protocol details shows Forward Secrecy (supported) = No, even though it uses TLS_DHE_RSA_WITH_AES_256_CBC_SHA (etc.), and other articles state Bloomberg uses forward secrecy. 

 

Even https://www.google.com ( https://www.ssllabs.com/ssltest/analyze.html?d=www.google.com&s=74.125.225.244 ) shows Forward Secrecy (supported) = No, despite using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

 

Thanks

Outcomes