With the recent interest in TLS, due to Heartbleed and the privacy concerns raised by the actions of certain agencies responsible for national security, there has been some really good discussion about TLS and how it is implemented. Many people have talked about cipher suites in the context of server configuration. Basically they have talked about how to set up your servers to only use secure protocols (no SSLv2, and no SSLv3 if you can get away with it), secure key exchange (preferring Perfect Forward Secrecy mechanisms such as ECDHE and DHE), secure symmetric ciphers (AES-GCM, AES-CBC, and 3DES if you have to) and good integrity checks, i.e. the HMAC half of the suite (not MD5, and preferably SHA-256 over SHA-1; with AES-GCM the cipher mode itself provides authentication, so there is no separate HMAC). While I love this discussion and am glad it seems to be moving in the right direction, I think it is also important to talk about what is going on with clients.

The configuration of my servers matters to the people who connect to them (all twelve of you), but it doesn't affect the rest of my web browsing. If I'm on my bank's website browsing with IE8 on Windows XP, the security of my web server configuration doesn't make me any more secure :). In this article I am going to talk about which cipher suites the different browsers support, how they negotiate, and I will speculate a bit on the different design decisions made by each vendor. I will also list whether Server Name Indication is supported or not. This isn't really a feature that improves security per se, but it is important in terms of moving things forward as IPv4 addresses get more and more scarce, since it is what lets one address serve many HTTPS sites with different certificates.
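To make the negotiation concrete before looking at individual browsers, here is an added example in Python (my own code, not from the original post or from any browser vendor). It assembles a minimal ClientHello record, parses back the offered cipher suites and the Server Name Indication extension, and shows how the server's choice differs depending on whether the server's or the client's preference order wins. The cipher suite code points are the IANA-registered ones; the two client suite lists and the hostname are constructed inputs, not captured from any real browser.

```python
"""Added example: build and parse a TLS ClientHello, then simulate how a server
picks a cipher suite. Not from the original post; the client lists are constructed."""
import struct

# IANA cipher suite code points (TLS Cipher Suite Registry) for the suites used here.
SUITES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

def build_client_hello(version, suites, sni=None):
    """Assemble a minimal TLS record carrying a ClientHello (constructed test input)."""
    body = struct.pack(">H", version) + bytes(32)            # client_version, 32-byte random
    body += b"\x00"                                          # empty session_id
    body += struct.pack(">H", 2 * len(suites))
    body += b"".join(struct.pack(">H", s) for s in suites)   # cipher_suites
    body += b"\x01\x00"                                      # compression_methods: null only
    exts = b""
    if sni is not None:
        host = sni.encode("ascii")
        name = b"\x00" + struct.pack(">H", len(host)) + host  # name_type 0 = host_name
        server_name_list = struct.pack(">H", len(name)) + name
        exts += struct.pack(">HH", 0x0000, len(server_name_list)) + server_name_list
    if exts:
        body += struct.pack(">H", len(exts)) + exts
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # HandshakeType client_hello
    # Record layer: content type handshake (0x16), legacy record version TLS 1.0, length
    return b"\x16" + struct.pack(">HH", 0x0301, len(handshake)) + handshake

def parse_client_hello(record):
    """Return the offered version, cipher suites and SNI host from a ClientHello record."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    hs = record[5:5 + struct.unpack(">H", record[3:5])[0]]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version = struct.unpack(">H", body[:2])[0]
    pos = 2 + 32                                  # skip client_version and random
    pos += 1 + body[pos]                          # skip session_id
    cs_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack(">H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                          # skip compression_methods
    sni = None
    if pos + 2 <= len(body):                      # extensions block is optional
        end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack(">HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == 0x0000:                   # server_name extension
                p = 2                             # skip ServerNameList length
                while p + 3 <= len(data):
                    ntype, nlen = data[p], struct.unpack(">H", data[p + 1:p + 3])[0]
                    if ntype == 0:
                        sni = data[p + 3:p + 3 + nlen].decode("ascii")
                    p += 3 + nlen
    return {"version": version, "cipher_suites": suites, "sni": sni}

def negotiate(offered, supported, server_order=True):
    """Pick the suite a server would select from the client's list.
    server_order=True walks the server's own preference list (what nginx's
    ssl_prefer_server_ciphers gives you); False honours the client's order."""
    first, second = (supported, offered) if server_order else (offered, supported)
    second_set = set(second)
    for code in first:
        if code in second_set:
            return code
    return None  # no suite in common: the server would send handshake_failure

def forward_secret(code):
    """True when the suite uses an ephemeral (EC)DHE key exchange."""
    name = SUITES.get(code, "")
    return "_ECDHE_" in name or "_DHE_" in name

def demo():
    """Two constructed clients against one server preference list."""
    # Legacy-style client: TLS 1.0, RSA key exchange only, no SNI (constructed).
    legacy = build_client_hello(0x0301, [0x002F, 0x0035, 0x000A, 0x0005])
    # Modern-style client: TLS 1.2, ECDHE suites but CBC listed before GCM, with SNI (constructed).
    modern = build_client_hello(0x0303, [0xC013, 0xC02F, 0xC014, 0x002F], sni="example.com")
    server_prefs = [0xC02F, 0xC014, 0xC013, 0x002F, 0x0035]
    results = {}
    for label, record in (("legacy", legacy), ("modern", modern)):
        hello = parse_client_hello(record)
        chosen = negotiate(hello["cipher_suites"], server_prefs)
        results[label] = (hello, chosen, forward_secret(chosen))
    return results

if __name__ == "__main__":
    for label, (hello, chosen, pfs) in demo().items():
        print(f"{label}: SNI={hello['sni']!r} -> {SUITES[chosen]} (PFS={pfs})")
```

The point the two constructed clients make is the one the article is about: no matter how good the server's list is, the legacy-style client can only ever land on a non-PFS RSA suite, and the modern-style client only gets the GCM suite because the server insists on its own order; with client order it would end up on the CBC suite it listed first.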
