The biggest change since July is that over 10% fewer servers use certificates with SHA-1 signatures. Because I was rather busy for the past few months I wasn't able to work on the scan analysis on-time. So this month's analysis is on a longer time scale. More detailed analysis on my blog: https://securitypitfalls.wordpress.com/2015/11/29/october-2015-scan-results/ SSL/TLS survey of 523658 websites from Alexa's top 1 million Stats only from connections that did provide valid certificates (or anonymous DH from servers that do also have valid certificate installed) Supported Ciphers Count Percent -------------------------+---------+------- 3DES 450366 86.0038 3DES Only 598 0.1142 AES 516026 98.5426 AES Only 22924 4.3777 AES-CBC 515568 98.4551 AES-CBC Only 10087 1.9263 AES-GCM 388464 74.1828 AES-GCM Only 378 0.0722 CAMELLIA 234209 44.7256 CAMELLIA Only 3 0.0006 CHACHA20 64701 12.3556 CHACHA20 Only 1 0.0002 Insecure 61963 11.8327 RC4 213861 40.8398 RC4 Only 1101 0.2103 RC4 Preferred 22873 4.3679 RC4 forced in TLS1.1+ 11792 2.2519 x:FF 29 RC4 Only 1377 0.263 x:FF 29 RC4 Preferred 26049 4.9744 x:FF 29 incompatible 312 0.0596 x:FF 35 RC4 Only 1656 0.3162 x:FF 35 RC4 Preferred 26149 4.9935 x:FF 35 incompatible 315 0.0602 y:DHE-RSA-SEED-SHA 84215 16.0821 y:IDEA-CBC-SHA 78851 15.0577 y:SEED-SHA 95873 18.3083 z:ADH-AES128-GCM-SHA256 395 0.0754 z:ADH-AES128-SHA 756 0.1444 z:ADH-AES128-SHA256 295 0.0563 z:ADH-AES256-GCM-SHA384 403 0.077 z:ADH-AES256-SHA 764 0.1459 z:ADH-AES256-SHA256 297 0.0567 z:ADH-CAMELLIA128-SHA 380 0.0726 z:ADH-CAMELLIA256-SHA 388 0.0741 z:ADH-DES-CBC-SHA 305 0.0582 z:ADH-DES-CBC3-SHA 775 0.148 z:ADH-RC4-MD5 638 0.1218 z:ADH-SEED-SHA 313 0.0598 z:AECDH-AES128-SHA 11266 2.1514 z:AECDH-AES256-SHA 11290 2.156 z:AECDH-DES-CBC3-SHA 11231 2.1447 z:AECDH-NULL-SHA 59 0.0113 z:AECDH-RC4-SHA 10599 2.024 z:DES-CBC-MD5 11791 2.2517 z:DES-CBC-SHA 36853 7.0376 z:DES-CBC3-MD5 24006 4.5843 z:ECDHE-RSA-NULL-SHA 63 0.012 z:EDH-RSA-DES-CBC-SHA 31633 6.0408 z:EXP-ADH-DES-CBC-SHA 208 0.0397 z:EXP-ADH-RC4-MD5 205 0.0391 z:EXP-DES-CBC-SHA 15360 2.9332 z:EXP-EDH-RSA-DES-CBC-SHA 12356 2.3596 z:EXP-RC2-CBC-MD5 18735 3.5777 z:EXP-RC4-MD5 19564 3.736 z:EXP1024-DES-CBC-SHA 4870 0.93 z:EXP1024-RC4-SHA 4967 0.9485 z:IDEA-CBC-MD5 2349 0.4486 z:NULL-MD5 227 0.0433 z:NULL-SHA 232 0.0443 z:NULL-SHA256 29 0.0055 z:RC2-CBC-MD5 12033 2.2979 z:RC4-64-MD5 968 0.1849 Cipher ordering Count Percent -------------------------+---------+------- Client side 134694 25.7217 Server side 388964 74.2783 Supported Handshakes Count Percent -------------------------+---------+------- ADH 903 0.1724 AECDH 11321 2.1619 DHE 286818 54.772 ECDH 3 0.0006 ECDHE 415495 79.3447 ECDHE and DHE 219028 41.8265 RSA 471189 89.9803 Supported PFS Count Percent PFS Percent -------------------------+---------+--------+----------- DH,1024bits 162798 31.0886 56.76 DH,1536bits 1 0.0002 0.0003 DH,2048bits 116370 22.2225 40.5728 DH,2236bits 11 0.0021 0.0038 DH,2432bits 1 0.0002 0.0003 DH,3072bits 109 0.0208 0.038 DH,3092bits 1 0.0002 0.0003 DH,4094bits 1 0.0002 0.0003 DH,4096bits 7102 1.3562 2.4761 DH,512bits 43 0.0082 0.015 DH,768bits 450 0.0859 0.1569 DH,8192bits 2 0.0004 0.0007 ECDH,B-571,570bits 1628 0.3109 0.3918 ECDH,K-163,163bits 1 0.0002 0.0002 ECDH,K-571,570bits 1 0.0002 0.0002 ECDH,P-192,192bits 8 0.0015 0.0019 ECDH,P-224,224bits 71 0.0136 0.0171 ECDH,P-256,256bits 402982 76.9552 96.9884 ECDH,P-384,384bits 2860 0.5462 0.6883 ECDH,P-521,521bits 8826 1.6855 2.1242 Prefer DH,1024bits 59986 11.4552 20.9143 Prefer DH,1536bits 1 0.0002 0.0003 Prefer DH,2048bits 9957 1.9014 3.4715 Prefer DH,3072bits 13 0.0025 0.0045 Prefer DH,4096bits 345 0.0659 0.1203 Prefer DH,768bits 65 0.0124 0.0227 Prefer ECDH,B-571,570bits 1429 0.2729 0.3439 Prefer ECDH,K-163,163bits 1 0.0002 0.0002 Prefer ECDH,K-571,570bits 1 0.0002 0.0002 Prefer ECDH,P-224,224bits 55 0.0105 0.0132 Prefer ECDH,P-256,256bits 358890 68.5352 86.3765 Prefer ECDH,P-384,384bits 2659 0.5078 0.64 Prefer ECDH,P-521,521bits 7931 1.5145 1.9088 Prefer PFS 441333 84.2789 0 Support PFS 483285 92.2902 0 Supported ECC curves Count Percent -------------------------+---------+-------- brainpoolP256r1 1825 0.3485 brainpoolP384r1 1827 0.3489 brainpoolP512r1 1828 0.3491 prime192v1 1461 0.279 prime256v1 413390 78.9427 prime256v1 Only 360620 68.8656 secp160k1 1415 0.2702 secp160r1 1422 0.2716 secp160r2 1414 0.27 secp192k1 1433 0.2737 secp224k1 1489 0.2843 secp224r1 3846 0.7344 secp256k1 3218 0.6145 secp384r1 53089 10.1381 secp384r1 Only 364 0.0695 secp521r1 22417 4.2808 secp521r1 Only 125 0.0239 sect163k1 1415 0.2702 sect163k1 Only 1 0.0002 sect163r1 1414 0.27 sect163r2 1414 0.27 sect193r1 1412 0.2696 sect193r2 1412 0.2696 sect233k1 1482 0.283 sect233r1 1481 0.2828 sect239k1 1481 0.2828 sect283k1 3187 0.6086 sect283r1 3187 0.6086 sect409k1 3189 0.609 sect409r1 3189 0.609 sect571k1 3201 0.6113 sect571r1 3201 0.6113 Unsupported curve fallback Count Percent ------------------------------+---------+-------- False 70006 13.3686 True 291129 55.5953 order-specific 72 0.0137 unknown 162451 31.0223 ECC curve ordering Count Percent -------------------------+---------+-------- client 4674 0.8926 inconclusive-noecc 10 0.0019 server 409225 78.1474 unknown 109749 20.9581 TLSv1.2 PFS supported sigalgs Count Percent ------------------------------+---------+-------- ECDSA-SHA1 38366 7.3265 ECDSA-SHA1 Only 3 0.0006 ECDSA-SHA224 38357 7.3248 ECDSA-SHA256 49346 9.4233 ECDSA-SHA384 49344 9.4229 ECDSA-SHA512 49347 9.4235 ECDSA-SHA512 Only 3 0.0006 RSA-MD5 168481 32.1739 RSA-SHA1 361209 68.978 RSA-SHA1 Only 43815 8.3671 RSA-SHA224 296284 56.5797 RSA-SHA256 324294 61.9286 RSA-SHA256 Only 5869 1.1208 RSA-SHA384 297506 56.813 RSA-SHA384 Only 1 0.0002 RSA-SHA512 297620 56.8348 RSA-SHA512 Only 137 0.0262 TLSv1.2 PFS ordering Count Percent ------------------------------+---------+-------- client 238653 45.5742 indeterminate 202 0.0386 intolerant 4295 0.8202 order-fallback 10 0.0019 server 163641 31.2496 unsupported 21408 4.0882 TLSv1.2 PFS sigalg fallback Count Percent ------------------------------+---------+-------- ECDSA SHA1 38349 7.3233 ECDSA intolerant 24 0.0046 ECDSA pfs-rsa-SHA512 10983 2.0974 ECDSA soft-nopfs 1 0.0002 RSA False 167225 31.934 RSA SHA1 166732 31.8399 RSA intolerant 34038 6.5 RSA pfs-ecdsa-SHA512 5 0.001 RSA soft-nopfs 1316 0.2513 Renegotiation Count Percent -------------------------+---------+-------- False 6661 1.272 insecure 19263 3.6785 secure 497734 95.0494 Compression Count Percent -------------------------+---------+-------- 1 (zlib compression) 9887 1.8881 False 6661 1.272 NONE 507110 96.8399 TLS session ticket hint Count Percent -------------------------+---------+-------- 1 2 0.0004 1 only 2 0.0004 2 2 0.0004 2 only 2 0.0004 5 2 0.0004 5 only 2 0.0004 10 8 0.0015 10 only 8 0.0015 15 9 0.0017 15 only 9 0.0017 30 10 0.0019 30 only 9 0.0017 60 96 0.0183 60 only 89 0.017 65 1 0.0002 65 only 1 0.0002 70 7 0.0013 75 1 0.0002 75 only 1 0.0002 100 18 0.0034 100 only 18 0.0034 120 26 0.005 120 only 26 0.005 128 3 0.0006 128 only 3 0.0006 150 2 0.0004 180 42 0.008 180 only 39 0.0074 200 1 0.0002 200 only 1 0.0002 240 12 0.0023 240 only 12 0.0023 300 242606 46.3291 300 only 238057 45.4604 302 3 0.0006 302 only 3 0.0006 360 2 0.0004 360 only 1 0.0002 400 8 0.0015 400 only 8 0.0015 420 119 0.0227 420 only 88 0.0168 480 12 0.0023 480 only 12 0.0023 500 5 0.001 500 only 5 0.001 540 1 0.0002 540 only 1 0.0002 600 25719 4.9114 600 only 25574 4.8837 700 1 0.0002 700 only 1 0.0002 720 2 0.0004 720 only 2 0.0004 840 1 0.0002 840 only 1 0.0002 900 781 0.1491 900 only 766 0.1463 960 2 0.0004 960 only 2 0.0004 1200 2230 0.4259 1200 only 2222 0.4243 1320 1 0.0002 1320 only 1 0.0002 1500 10 0.0019 1500 only 9 0.0017 1800 490 0.0936 1800 only 476 0.0909 2100 1 0.0002 2100 only 1 0.0002 2400 8 0.0015 2400 only 8 0.0015 2700 8 0.0015 2700 only 8 0.0015 3000 23 0.0044 3000 only 23 0.0044 3600 575 0.1098 3600 only 566 0.1081 3900 1 0.0002 3900 only 1 0.0002 4100 1 0.0002 4100 only 1 0.0002 4200 1 0.0002 5160 1 0.0002 5160 only 1 0.0002 5400 20 0.0038 5400 only 8 0.0015 6000 66 0.0126 6000 only 66 0.0126 7200 14981 2.8608 7200 only 14963 2.8574 10800 2576 0.4919 10800 only 2570 0.4908 14400 102 0.0195 14400 only 102 0.0195 18000 7 0.0013 18000 only 7 0.0013 21600 4999 0.9546 21600 only 4999 0.9546 25200 1 0.0002 25200 only 1 0.0002 28800 2018 0.3854 28800 only 1601 0.3057 36000 1153 0.2202 36000 only 1144 0.2185 43200 34 0.0065 43200 only 34 0.0065 60000 1 0.0002 60000 only 1 0.0002 64800 53897 10.2924 64800 only 53896 10.2922 72000 16 0.0031 72000 only 16 0.0031 84600 1 0.0002 84600 only 1 0.0002 86000 39 0.0074 86000 only 39 0.0074 86400 3516 0.6714 86400 only 3512 0.6707 100800 10300 1.9669 100800 only 10290 1.965 129600 9 0.0017 129600 only 9 0.0017 172800 6 0.0011 172800 only 6 0.0011 216000 1 0.0002 216000 only 1 0.0002 432000 2 0.0004 432000 only 2 0.0004 604800 1 0.0002 864000 4 0.0008 864000 only 4 0.0008 None 162322 30.9977 None only 157058 29.9925 Certificate sig alg Count Percent -------------------------+---------+-------- None 11981 2.2879 ecdsa-with-SHA256 49307 9.4159 sha1WithRSAEncryption 86227 16.4663 sha256WithRSAEncryption 399420 76.275 sha384WithRSAEncryption 6 0.0011 sha512WithRSAEncryption 28 0.0053 Certificate key size Count Percent -------------------------+---------+-------- ECDSA 256 49343 9.4228 ECDSA 384 15 0.0029 RSA 1024 56 0.0107 RSA 10240 8 0.0015 RSA 2047 1 0.0002 RSA 2048 464934 88.7858 RSA 2049 4 0.0008 RSA 2056 4 0.0008 RSA 2058 2 0.0004 RSA 2064 2 0.0004 RSA 2084 4 0.0008 RSA 2096 2 0.0004 RSA 2408 2 0.0004 RSA 2432 1 0.0002 RSA 2480 1 0.0002 RSA 3071 1 0.0002 RSA 3072 127 0.0243 RSA 3096 2 0.0004 RSA 3248 2 0.0004 RSA 4042 1 0.0002 RSA 4048 1 0.0002 RSA 4056 25 0.0048 RSA 4069 3 0.0006 RSA 4086 2 0.0004 RSA 4092 6 0.0011 RSA 4094 1 0.0002 RSA 4096 20149 3.8477 RSA 4098 1 0.0002 RSA 8192 4 0.0008 RSA/ECDSA Dual Stack 11039 2.1081 OCSP stapling Count Percent -------------------------+---------+-------- Supported 113302 21.6366 Unsupported 410356 78.3634 Supported Protocols Count Percent -------------------------+---------+------- SSL2 24244 4.6297 SSL2 Only 19 0.0036 SSL3 122263 23.3479 SSL3 Only 484 0.0924 SSL3 or TLS1 Only 69496 13.2713 SSL3 or lower Only 503 0.0961 TLS1 518406 98.9971 TLS1 Only 41584 7.9411 TLS1 or lower Only 92178 17.6027 TLS1.1 418156 79.8529 TLS1.1 Only 267 0.051 TLS1.1 or up Only 4492 0.8578 TLS1.2 428200 81.7709 TLS1.2 Only 1845 0.3523 TLS1.2, 1.0 but not 1.1 10863 2.0744 Statistics from 549280 chains provided by 697275 hosts Server provided chains Count Percent -------------------------+---------+------- complete 487661 69.9381 incomplete 27391 3.9283 untrusted 182223 26.1336 Trusted chain statistics ======================== Chain length Count Percent -------------------------+---------+------- 2 114 0.0208 3 547038 99.5918 4 2101 0.3825 5 27 0.0049 CA key size in chains Count -------------------------+--------- ECDSA 256 48991 ECDSA 384 48992 RSA 1024 101 RSA 2045 3 RSA 2048 865095 RSA 4096 137419 Chains with CA key Count Percent -------------------------+---------+------- ECDSA 256 48991 8.9191 ECDSA 384 48992 8.9193 RSA 1024 99 0.018 RSA 2045 3 0.0005 RSA 2048 499889 91.008 RSA 4096 136911 24.9255 Signature algorithm (ex. root) Count ------------------------------+--------- ecdsa-with-SHA384 48986 sha1WithRSAEncryption 92825 sha256WithRSAEncryption 287083 sha384WithRSAEncryption 122355 sha512WithRSAEncryption 72 Eff. host cert chain LoS Count Percent -------------------------+---------+------- 80 92922 16.9171 112 407358 74.1622 128 49000 8.9208 Root CAs Count Percent ---------------------------------------------+---------+------- (d6325660) COMODO RSA Certification Authority 113492 20.662 (2c543cd1) GeoTrust Global CA 107601 19.5895 (eed8c118) COMODO ECC Certification Authority 48977 8.9166 (cbf06781) Go Daddy Root Certificate Authorit 47939 8.7276 (5ad8a5d6) GlobalSign Root CA 44123 8.0329 (b204d74a) VeriSign Class 3 Public Primary Ce 29359 5.345 (244b5494) DigiCert High Assurance EV Root CA 25999 4.7333 (2e4eed3c) thawte Primary Root CA 23372 4.255 (157753a5) AddTrust External CA Root 20188 3.6754 (653b494a) Baltimore CyberTrust Root 12053 2.1943 (ae8153b9) StartCom Certification Authority 9139 1.6638 (fc5a8f99) USERTrust RSA Certification Author 8775 1.5975 (3513523f) DigiCert Global Root CA 8281 1.5076 (4bfab552) Starfield Root Certificate Authori 8226 1.4976 (480720ec) GeoTrust Primary Certification Aut 5570 1.0141 Scan performed between 19th of October and 9th of November 2015 -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/security@xxxxxxxxxxxxxxxxxxxxxxx
