AnsweredAssumed Answered

Handshake simulation

Question asked by Anand Bhat on Feb 3, 2015
Latest reply on Feb 3, 2015 by Adm Selec

I have a question about the handshake simulation. I've sometimes seen that this lists a cipher that is somewhere at the bottom of the server's preferred order list despite there being a cipher "above" that the client supports. E.g., google.com - https://www.ssllabs.com/ssltest/analyze.html?d=google.com


Is there something else at play here that determines why a cipher that's lower in the server preferred order list is used by a client despite having support for that cipher?

 


This indicates that Safari 5.1.9 / OS X 10.6.8 and Safari 6.0.4 / OS X 10.8.4 use TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011).

 

However, there is a cipher TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) that is "above" this in the server preferred order which is supported by both these clients.

 

 

 

 

Is there something else at play here that determines why a cipher that's lower in the server preferred order list is used by a client despite having support for that cipher?

Outcomes