AnsweredAssumed Answered

TLS v1.2 now supported by all major browsers - is it time to punish in grade if using RC4 and no Forward Secrecy

Question asked by j-mailor on Feb 5, 2014
Latest reply on Feb 10, 2014 by Rob_T

Hi,

just to inform you that as of today Firefox 27 was released with by default enabled TLS v1.2 and so now all major browsers (Chrome, Firefox, Internet Explorer, Safari and Opera) support TLS v1.2 by default. More info about TLS browser support : https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers

 

I see ssllabs.com/ssltest/ already punishes the servers with no TLS v1.2 support to downgrade to B. In my humble opinion now is a time to start downgrading servers to grade B that are using RC4 chiphers and maybe also downgrade to grade B servers that do not support Forward Secrecy (now grade is crapped to A-). Just wondering what is your opinion? In my opinion if grade is A or A- then administrators do not take any action, but if grade gets to B then specially large organizations like banks etc would start making some actions.

Regards

Outcomes