When I test my browser, I see some ciphersuites are marked as "weak" (see the picture). Is this because of Forward-Secrecy property? can you elaborate on how "weak" ciphers are assessed and marked as "weak"?
lack of forward secrecy and the ROBOT vulnerability.
Thanks for your reply. Can you please specify if its: (Forward-Secrecy AND ROBOT, i.e. both vulnerabilities) or (Forward-Secrecy OR ROBOT, i.e. one of the vulnerabilities will mark the ciphersuite as weak).
for a client, both always apply to the TLS_RSA suites. ROBOT is a server-side vulnerability, but clients can protect themselves from it by not supporting TLS_RSA suites.
Retrieving data ...