AnsweredAssumed Answered

A+ rating whilst only CBC-ciphers supported and FPS ciphers not at top ?

Question asked by SKiLLa X on Jun 16, 2016
Latest reply on Jun 16, 2016 by j-mailor

Hi guys,

 

For example this website: SSL Server Test: www.amsterdamenco.nl (Powered by Qualys SSL Labs)

It has an A+ rating, but the only FPS cipher supported is not the (top) preferred cipher and secondly it only supports CBC-mode ciphers, not GCM.  Luckily Chrome will still prefer the FPS cipher; but I feel that an A+ (with a 100-95-90-90 score) is somewhat high.   It has the exact same rating as for example a site that has a GCM enabled FPS cipher as the preferred cipher: SSL Server Test: www.ing.nl (Powered by Qualys SSL Labs)


What are your thoughts about it ?

Outcomes