This time the results are enhanced with probes detecting tolerance to higher
protocol versions and bigger messages.

Analysis here:
https://securitypitfalls.wordpress.com/2016/09/06/july-2016-scan-results/

SSL/TLS survey of 603391 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that also have a valid certificate installed)

Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      532905    88.3184
3DES Only                 550       0.0912
3DES Preferred            1719      0.2849
3DES forced in TLS1.1+    992       0.1644
AES                       599329    99.3268
AES Only                  46610     7.7247
AES-CBC                   598756    99.2318
AES-CBC Only              4850      0.8038
AES-GCM                   509780    84.4858
AES-GCM Only              526       0.0872
CAMELLIA                  267705    44.3668
CAMELLIA Only             1         0.0002
CHACHA20                  83982     13.9183
CHACHA20 Only             3         0.0005
Insecure                  53186     8.8145
RC4                       153525    25.4437
RC4 Only                  140       0.0232
RC4 Preferred             12783     2.1185
RC4 forced in TLS1.1+     6911      1.1454
x:FF 29 3DES Only         597       0.0989
x:FF 29 3DES Preferred    2030      0.3364
x:FF 29 RC4 Only          193       0.032
x:FF 29 RC4 Preferred     14404     2.3872
x:FF 29 incompatible      530       0.0878
x:FF 35 3DES Only         605       0.1003
x:FF 35 3DES Preferred    1956      0.3242
x:FF 35 RC4 Only          218       0.0361
x:FF 35 RC4 Preferred     14418     2.3895
x:FF 35 incompatible      532       0.0882
x:FF 44 3DES Only         3874      0.642
x:FF 44 3DES Preferred    7464      1.237
x:FF 44 incompatible      750       0.1243
y:DHE-RSA-SEED-SHA        79084     13.1066
y:IDEA-CBC-SHA            75906     12.5799
y:SEED-SHA                90103     14.9328
z:ADH-AES128-GCM-SHA256   428       0.0709
z:ADH-AES128-SHA          715       0.1185
z:ADH-AES128-SHA256       281       0.0466
z:ADH-AES256-GCM-SHA384   442       0.0733
z:ADH-AES256-SHA          759       0.1258
z:ADH-AES256-SHA256       284       0.0471
z:ADH-CAMELLIA128-SHA     368       0.061
z:ADH-CAMELLIA128-SHA256  1         0.0002
z:ADH-CAMELLIA256-SHA     393       0.0651
z:ADH-CAMELLIA256-SHA256  1         0.0002
z:ADH-DES-CBC-SHA         279       0.0462
z:ADH-DES-CBC3-SHA        720       0.1193
z:ADH-RC4-MD5             517       0.0857
z:ADH-SEED-SHA            298       0.0494
z:AECDH-AES128-SHA        9498      1.5741
z:AECDH-AES256-SHA        9566      1.5854
z:AECDH-DES-CBC3-SHA      9463      1.5683
z:AECDH-NULL-SHA          60        0.0099
z:AECDH-RC4-SHA           8940      1.4816
z:DES-CBC-MD5             6015      0.9969
z:DES-CBC-SHA             33753     5.5939
z:DES-CBC3-MD5            15538     2.5751
z:ECDHE-RSA-NULL-SHA      67        0.0111
z:EDH-RSA-DES-CBC-SHA     28904     4.7903
z:EXP-ADH-DES-CBC-SHA     180       0.0298
z:EXP-ADH-RC4-MD5         178       0.0295
z:EXP-DES-CBC-SHA         9916      1.6434
z:EXP-EDH-RSA-DES-CBC-SHA 7950      1.3176
z:EXP-RC2-CBC-MD5         11811     1.9574
z:EXP-RC4-MD5             12355     2.0476
z:EXP1024-DES-CBC-SHA     3045      0.5046
z:EXP1024-RC4-SHA         3108      0.5151
z:IDEA-CBC-MD5            1225      0.203
z:NULL-MD5                196       0.0325
z:NULL-SHA                201       0.0333
z:NULL-SHA256             39        0.0065
z:RC2-CBC-MD5             6171      1.0227
z:RC4-64-MD5              692       0.1147

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               149228    24.7316
Server side               454163    75.2684

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       918       0.1521
AECDH                     9574      1.5867
DHE                       327644    54.3004
ECDH                      2         0.0003
ECDHE                     532966    88.3285
ECDHE and DHE             285103    47.2501
RSA                       517470    85.7603

Supported PFS                       Count     Percent  PFS Percent
-----------------------------------+---------+--------+-----------
DH,1024bits                         115821    19.195   35.3496
DH,2048bits                         196265    32.527   59.9019
DH,2049bits                         1         0.0002   0.0003
DH,2236bits                         77        0.0128   0.0235
DH,2432bits                         3         0.0005   0.0009
DH,3072bits                         141       0.0234   0.043
DH,3092bits                         2         0.0003   0.0006
DH,3196bits                         1         0.0002   0.0003
DH,4096bits                         14972     2.4813   4.5696
DH,512bits                          122       0.0202   0.0372
DH,6144bits                         1         0.0002   0.0003
DH,768bits                          355       0.0588   0.1083
DH,8192bits                         7         0.0012   0.0021
ECDH,B-571,570bits                  4696      0.7783   0.8811
ECDH,K-163,163bits                  1         0.0002   0.0002
ECDH,P-192,192bits                  68        0.0113   0.0128
ECDH,P-224,224bits                  91        0.0151   0.0171
ECDH,P-256,256bits                  500295    82.9139  93.87
ECDH,P-384,384bits                  12707     2.1059   2.3842
ECDH,P-521,521bits                  17146     2.8416   3.2171
ECDH,brainpoolP512r1,512bits        3         0.0005   0.0006
ECDH,secp256k1,256bits              1         0.0002   0.0002
Prefer DH,1024bits                  42440     7.0336   12.9531
Prefer DH,2048bits                  4955      0.8212   1.5123
Prefer DH,3072bits                  9         0.0015   0.0027
Prefer DH,3092bits                  2         0.0003   0.0006
Prefer DH,4096bits                  379       0.0628   0.1157
Prefer DH,768bits                   33        0.0055   0.0101
Prefer ECDH,B-571,570bits           4438      0.7355   0.8327
Prefer ECDH,K-163,163bits           1         0.0002   0.0002
Prefer ECDH,P-192,192bits           1         0.0002   0.0002
Prefer ECDH,P-224,224bits           89        0.0147   0.0167
Prefer ECDH,P-256,256bits           465038    77.0708  87.2547
Prefer ECDH,P-384,384bits           10660     1.7667   2.0001
Prefer ECDH,P-521,521bits           15901     2.6353   2.9835
Prefer ECDH,brainpoolP512r1,512bits 3         0.0005   0.0006
Prefer ECDH,secp256k1,256bits       1         0.0002   0.0002
Prefer PFS                          543950    90.1488  0
Support PFS                         575507    95.3788  0

Supported ECC curves      Count     Percent
-------------------------+---------+--------
None                      2         0.0003
None Only                 2         0.0003
brainpoolP256r1           27492     4.5562
brainpoolP384r1           27491     4.5561
brainpoolP512r1           27484     4.5549
prime192v1                1647      0.273
prime256v1                510415    84.5911
prime256v1 Only           428464    71.0093
secp160k1                 1528      0.2532
secp160r1                 1536      0.2546
secp160r2                 1528      0.2532
secp192k1                 1543      0.2557
secp224k1                 1625      0.2693
secp224r1                 5406      0.8959
secp256k1                 29683     4.9194
secp384r1                 88419     14.6537
secp384r1 Only            5169      0.8567
secp521r1                 58499     9.695
secp521r1 Only            153       0.0254
sect163k1                 1531      0.2537
sect163k1 Only            3         0.0005
sect163r1                 1529      0.2534
sect163r2                 1529      0.2534
sect193r1                 1529      0.2534
sect193r2                 1529      0.2534
sect233k1                 1614      0.2675
sect233r1                 1614      0.2675
sect239k1                 1614      0.2675
sect283k1                 28930     4.7946
sect283k1 Only            2         0.0003
sect283r1                 28927     4.7941
sect409k1                 28927     4.7941
sect409r1                 28927     4.7941
sect571k1                 28927     4.7941
sect571r1                 28930     4.7946
server                    38445     6.3715
server Only               38445     6.3715

Unsupported curve fallback     Count     Percent
------------------------------+---------+--------
False                          532806    88.3019
unknown                        70585     11.6981

ECC curve ordering        Count     Percent
-------------------------+---------+--------
                          36744     6.0896
client                    18027     2.9876
server                    478197    79.2516
unknown                   70423     11.6712

TLSv1.2 PFS supported sigalgs  Count     Percent
------------------------------+---------+--------
ECDSA-SHA1                     54563     9.0427
ECDSA-SHA1 Only                9         0.0015
ECDSA-SHA224                   54587     9.0467
ECDSA-SHA256                   72567     12.0265
ECDSA-SHA384                   72639     12.0385
ECDSA-SHA512                   72750     12.0569
ECDSA-SHA512 Only              118       0.0196
RSA-MD5                        23842     3.9513
RSA-SHA1                       462908    76.7178
RSA-SHA1 Only                  30278     5.018
RSA-SHA224                     387875    64.2825
RSA-SHA256                     441866    73.2305
RSA-SHA256 Only                8016      1.3285
RSA-SHA384                     403401    66.8557
RSA-SHA384 Only                4         0.0007
RSA-SHA512                     403342    66.8459
RSA-SHA512 Only                131       0.0217

TLSv1.2 PFS ordering           Count     Percent
------------------------------+---------+--------
client                         282677    46.8481
indeterminate                  38        0.0063
intolerant                     6561      1.0874
order-fallback                 4         0.0007
server                         236059    39.1221
unsupported                    14339     2.3764

TLSv1.2 PFS sigalg fallback    Count     Percent
------------------------------+---------+--------
ECDSA SHA1                     54456     9.025
ECDSA intolerant               652       0.1081
ECDSA pfs-rsa-SHA512           17783     2.9472
ECDSA soft-nopfs               15        0.0025
RSA False                      23629     3.916
RSA SHA1                       399316    66.1786
RSA intolerant                 50007     8.2877
RSA pfs-ecdsa-SHA512           99        0.0164
RSA soft-nopfs                 389       0.0645

Renegotiation             Count     Percent
-------------------------+---------+--------
False                     4550      0.7541
insecure                  15701     2.6021
secure                    583140    96.6438

Compression               Count     Percent
-------------------------+---------+--------
1 (zlib compression)      6683      1.1076
False                     4550      0.7541
NONE                      592158    98.1384

TLS session ticket hint   Count     Percent
-------------------------+---------+--------
1                         3         0.0005
1 only                    3         0.0005
5                         8         0.0013
5 only                    8         0.0013
10                        9         0.0015
10 only                   9         0.0015
15                        7         0.0012
15 only                   7         0.0012
30                        29        0.0048
30 only                   29        0.0048
60                        172       0.0285
60 only                   166       0.0275
65                        2         0.0003
65 only                   2         0.0003
70                        6         0.001
70 only                   4         0.0007
75                        1         0.0002
75 only                   1         0.0002
90                        1         0.0002
90 only                   1         0.0002
100                       15        0.0025
100 only                  15        0.0025
120                       28        0.0046
120 only                  28        0.0046
128                       3         0.0005
128 only                  2         0.0003
150                       2         0.0003
180                       83        0.0138
180 only                  80        0.0133
240                       12        0.002
240 only                  12        0.002
300                       306995    50.8783
300 only                  304055    50.391
302                       2         0.0003
302 only                  2         0.0003
360                       3         0.0005
360 only                  2         0.0003
400                       8         0.0013
400 only                  8         0.0013
420                       120       0.0199
420 only                  103       0.0171
480                       11        0.0018
480 only                  11        0.0018
500                       4         0.0007
500 only                  4         0.0007
540                       4         0.0007
540 only                  4         0.0007
600                       29961     4.9654
600 only                  29817     4.9416
630                       1         0.0002
630 only                  1         0.0002
700                       1         0.0002
700 only                  1         0.0002
720                       6         0.001
720 only                  6         0.001
840                       2         0.0003
840 only                  2         0.0003
900                       1560      0.2585
900 only                  1541      0.2554
960                       3         0.0005
960 only                  3         0.0005
1000                      1         0.0002
1000 only                 1         0.0002
1200                      3528      0.5847
1200 only                 3525      0.5842
1210                      2         0.0003
1210 only                 2         0.0003
1320                      1         0.0002
1320 only                 1         0.0002
1380                      1         0.0002
1380 only                 1         0.0002
1440                      1         0.0002
1440 only                 1         0.0002
1500                      4         0.0007
1500 only                 3         0.0005
1800                      860       0.1425
1800 only                 839       0.139
1980                      2         0.0003
1980 only                 2         0.0003
2100                      1         0.0002
2400                      8         0.0013
2400 only                 8         0.0013
2700                      12        0.002
2700 only                 12        0.002
3000                      41        0.0068
3000 only                 41        0.0068
3600                      1100      0.1823
3600 only                 1090      0.1806
3900                      2         0.0003
3900 only                 2         0.0003
4200                      2         0.0003
4200 only                 1         0.0002
4500                      1         0.0002
4500 only                 1         0.0002
5160                      1         0.0002
5160 only                 1         0.0002
5400                      15        0.0025
5400 only                 9         0.0015
6000                      341       0.0565
6000 only                 340       0.0563
7200                      15389     2.5504
7200 only                 15355     2.5448
7500                      2         0.0003
7500 only                 2         0.0003
9000                      2         0.0003
9000 only                 2         0.0003
10800                     5322      0.882
10800 only                5300      0.8784
14400                     147       0.0244
14400 only                144       0.0239
18000                     9         0.0015
18000 only                8         0.0013
21600                     4353      0.7214
21600 only                4353      0.7214
25200                     1         0.0002
25200 only                1         0.0002
28800                     2164      0.3586
28800 only                2164      0.3586
30000                     2         0.0003
30000 only                1         0.0002
36000                     1239      0.2053
36000 only                1231      0.204
43200                     67        0.0111
43200 only                67        0.0111
54000                     2         0.0003
54000 only                2         0.0003
60000                     3         0.0005
60000 only                3         0.0005
64800                     73037     12.1044
64800 only                73018     12.1013
72000                     12        0.002
72000 only                12        0.002
79200                     1         0.0002
79200 only                1         0.0002
86400                     3232      0.5356
86400 only                3222      0.534
100800                    9169      1.5196
100800 only               9156      1.5174
108000                    1         0.0002
108000 only               1         0.0002
115200                    1         0.0002
115200 only               1         0.0002
129600                    6         0.001
129600 only               6         0.001
172800                    49        0.0081
172800 only               49        0.0081
216000                    3         0.0005
216000 only               3         0.0005
259200                    3         0.0005
259200 only               3         0.0005
432000                    1         0.0002
432000 only               1         0.0002
604800                    1         0.0002
864000                    2         0.0003
864000 only               2         0.0003
7776000                   2         0.0003
7776000 only              2         0.0003
None                      147458    24.4382
None only                 144200    23.8983

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      10178     1.6868
ecdsa-with-SHA256         70598     11.7002
sha1WithRSAEncryption     17351     2.8756
sha256WithRSAEncryption   533303    88.3843
sha384WithRSAEncryption   7         0.0012
sha512WithRSAEncryption   77        0.0128

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 72865     12.0759
ECDSA 384                 41        0.0068
ECDSA 521                 1         0.0002
RSA 1024                  14        0.0023
RSA 2048                  516458    85.5926
RSA 2049                  4         0.0007
RSA 2056                  1         0.0002
RSA 2058                  3         0.0005
RSA 2059                  1         0.0002
RSA 2080                  6         0.001
RSA 2084                  1         0.0002
RSA 2086                  1         0.0002
RSA 2096                  3         0.0005
RSA 2408                  1         0.0002
RSA 2432                  6         0.001
RSA 2560                  1         0.0002
RSA 2948                  1         0.0002
RSA 3072                  158       0.0262
RSA 3096                  2         0.0003
RSA 3120                  1         0.0002
RSA 3248                  3         0.0005
RSA 4048                  3         0.0005
RSA 4056                  21        0.0035
RSA 4069                  1         0.0002
RSA 4086                  3         0.0005
RSA 4092                  2         0.0003
RSA 4094                  1         0.0002
RSA 4095                  1         0.0002
RSA 4096                  33887     5.6161
RSA 4196                  1         0.0002
RSA 8192                  12        0.002
RSA 8392                  1         0.0002
RSA/ECDSA Dual Stack      20097     3.3307

OCSP stapling             Count     Percent
-------------------------+---------+--------
Supported                 139486    23.117
Unsupported               463905    76.883

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      15694     2.601
SSL2 Only                 9         0.0015
SSL3                      88647     14.6915
SSL3 Only                 325       0.0539
SSL3 or TLS1 Only         47120     7.8092
SSL3 or lower Only        335       0.0555
TLS1                      590402    97.8473
TLS1 Only                 28435     4.7125
TLS1 or lower Only        61759     10.2353
TLS1.1                    532582    88.2648
TLS1.1 Only               43        0.0071
TLS1.1 or up Only         12475     2.0675
TLS1.2                    539663    89.4384
TLS1.2 Only               3587      0.5945
TLS1.2, 1.0 but not 1.1   5029      0.8335

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
Huge Cipher List                         539862    89.4713
Huge Cipher List (trunc 16388)           143271    23.7443
SSL 3.254                                19882     3.295
TLS 1.0                                  66391     11.003
TLS 1.1                                  3190      0.5287
TLS 1.2                                  67        0.0111
TLS 1.3                                  7896      1.3086
TLS 1.4                                  14758     2.4458
Xmas tree                                43001     7.1266
x:missing information                    44        0.0073

Statistics from 544239 chains provided by 734331 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  493648    67.2242
incomplete                20056     2.7312
untrusted                 220627    30.0446

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0002
3                         540295    99.2753
4                         3930      0.7221
5                         13        0.0024

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 30197
ECDSA 384                 30193
RSA 1024                  9
RSA 2045                  2
RSA 2048                  845143
RSA 4096                  186889

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 30197     5.5485
ECDSA 384                 30193     5.5477
RSA 1024                  7         0.0013
RSA 2045                  2         0.0004
RSA 2048                  513612    94.3725
RSA 4096                  186227    34.2179

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              30185
sha1WithRSAEncryption          20474
sha256WithRSAEncryption        330105
sha384WithRSAEncryption        167373
sha512WithRSAEncryption        57

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        20448     3.7572
112                       493575    90.6909
128                       30216     5.552

Most popular root CAs                         Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 149876    27.5386
(2c543cd1) GeoTrust Global CA                 82272     15.1169
(cbf06781) Go Daddy Root Certificate Authorit 46152     8.4801
(5ad8a5d6) GlobalSign Root CA                 42046     7.7256
(b204d74a) VeriSign Class 3 Public Primary Ce 30585     5.6198
(eed8c118) COMODO ECC Certification Authority 30178     5.545
(244b5494) DigiCert High Assurance EV Root CA 21202     3.8957
(2e4eed3c) thawte Primary Root CA             17390     3.1953
(fc5a8f99) USERTrust RSA Certification Author 17354     3.1887
(2e5ac55d) DST Root CA X3                     16492     3.0303
(653b494a) Baltimore CyberTrust Root          11315     2.079
(3513523f) DigiCert Global Root CA            10347     1.9012
(ae8153b9) StartCom Certification Authority   9044      1.6618
(4bfab552) Starfield Root Certificate Authori 9012      1.6559
(e2799e36) GeoTrust Primary Certification Aut 6148      1.1297
(480720ec) GeoTrust Primary Certification Aut 5775      1.0611
(02265526) Entrust Root Certification Authori 3969      0.7293
(ba89ed3b) thawte Primary Root CA - G3        3394      0.6236
(8096d0a9) Certification Authority of WoSign  2877      0.5286
(157753a5) AddTrust External CA Root          2782      0.5112

Most popular intermediate CA                  Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 100923    18.5439
(27eb7704) Go Daddy Secure Certificate Author 46152     8.4801
(53f3e569) RapidSSL SHA256 CA - G3            40339     7.412
(6cfa716c) COMODO ECC Domain Validation Secur 30126     5.5354
(7d9c641e) Symantec Class 3 Secure Server CA  21662     3.9802
(1400f578) cPanel, Inc. Certification Authori 19580     3.5977
(38ae8eda) DigiCert SHA2 High Assurance Serve 17140     3.1494
(4f06f81d) Let's Encrypt Authority X3         16492     3.0303
(16744f0c) AlphaSSL CA - SHA256 - G2          16239     2.9838
(493a2f06) COMODO RSA Domain Validation Secur 13442     2.4699
(10310d4b) GeoTrust SSL CA - G3               13423     2.4664
(80ecc636) RapidSSL SHA256 CA                 12795     2.351
(d7d634d4) GlobalSign Domain Validation CA -  11432     2.1005
(b85455c4) GlobalSign Organization Validation 11363     2.0879
(c43a77d9) COMODO RSA Organization Validation 11217     2.061
(85cf5865) DigiCert SHA2 Secure Server CA     10208     1.8756
(9ad474ec) thawte SSL CA - G2                 9146      1.6805
(cd7781e5) Starfield Secure Certificate Autho 9012      1.6559
(d84ef247) GeoTrust DV SSL CA - G4            7163      1.3161
(a0f7ac3e) Symantec Class 3 EV SSL CA - G3    7144      1.3127
(3d97f5e2) Verizon Akamai SureServer CA G14-S 7025      1.2908
(fd917e82) SecureCore RSA DV CA               6995      1.2853
(b71a5f76) GeoTrust EV SSL CA - G4            5724      1.0517
(661c52cc) thawte DV SSL CA - G2              5368      0.9863
(e22cd3f0) COMODO RSA Extended Validation Sec 4365      0.802
(7f8496de) StartCom Class 1 DV Server CA      3678      0.6758
(45bfefc3) DigiCert SHA2 Extended Validation  3527      0.6481
(2835d715) Entrust Certification Authority -  3328      0.6115
(f131b364) RapidSSL CA                        3180      0.5843
(98d7cad7) GeoTrust DV SSL CA - G3            3154      0.5795

Scan performed between 20th of July and 17th of August 2016

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
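The "Client Hello intolerance" table above counts servers that break when the ClientHello advertises a version newer than TLS 1.2 (the "TLS 1.3", "TLS 1.4" and "SSL 3.254" rows) or is large enough that the handshake message no longer fits in one TLS record (the "Huge Cipher List" rows). The Python below is an added example, not Hubert Kario's scanner and not code from this thread: it builds such a probe ClientHello, fragmenting it at the record layer when needed, and classifies the first record a server sends back as tolerant, intolerant or broken. Record and message layouts follow RFC 5246 and RFC 6066; the function names, the padding cipher-suite codes and the sample responses are constructed for this example.

```python
"""Client Hello intolerance probes: version bump and oversize message.

Added example; not Hubert Kario's scanner and not code from this thread.
Record/handshake layouts follow RFC 5246 (TLS 1.2) and RFC 6066 (SNI).
Function names, the padding cipher-suite codes and the sample responses
are constructed for this example.
"""
import os
import socket
import struct

RECORD_MAX = 2 ** 14                 # max TLSPlaintext fragment (RFC 5246 6.2.1)
CONTENT_ALERT, CONTENT_HANDSHAKE = 0x15, 0x16
HS_CLIENT_HELLO, HS_SERVER_HELLO = 0x01, 0x02
VERSIONS = {0x0300: "SSL3", 0x0301: "TLS1.0", 0x0302: "TLS1.1", 0x0303: "TLS1.2"}
# Real suites first so a tolerant server can still pick one; everything
# after them is padding whose only purpose is to make the message big.
REAL_SUITES = [0xC02F, 0xC02B, 0xC014, 0xC013, 0x009C, 0x002F, 0x0035, 0x000A]


def sni_extension(hostname: str) -> bytes:
    """server_name extension with a single host_name entry (RFC 6066 3)."""
    name = hostname.encode("idna")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    lst = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", 0x0000, len(lst)) + lst


def client_hello(hostname: str, version: int = 0x0303, n_suites: int = 8,
                 record_version: int = 0x0301) -> bytes:
    """ClientHello wrapped in as many TLS records as it needs.

    version  -> ClientHello.client_version.  0x0304 / 0x0305 / 0x03FE are the
                "TLS 1.3" / "TLS 1.4" / "SSL 3.254" probes: a correct server
                answers with the highest version it supports, never higher.
    n_suites -> number of 2-byte cipher suite codes.  Above about 8190 the
                handshake exceeds 2^14 bytes and is split over two records,
                which is the "Huge Cipher List" probe.
    """
    assert 1 <= n_suites <= 0x3000, "keep padding codes inside 16 bits"
    codes = REAL_SUITES[:n_suites] + [0xD000 + i for i in range(n_suites - len(REAL_SUITES))]
    suites = b"".join(struct.pack("!H", c) for c in codes)
    ext = sni_extension(hostname)
    body = (struct.pack("!H", version) + os.urandom(32)
            + b"\x00"                                     # empty session_id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                 # compression: null only
            + struct.pack("!H", len(ext)) + ext)
    handshake = bytes([HS_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    # A handshake message may span several records (RFC 5246 6.2.1); each
    # fragment carries its own 5-byte record header.
    out = b""
    for off in range(0, len(handshake), RECORD_MAX):
        frag = handshake[off:off + RECORD_MAX]
        out += struct.pack("!BHH", CONTENT_HANDSHAKE, record_version, len(frag)) + frag
    return out


def classify(response: bytes, offered_version: int) -> dict:
    """Verdict from the first record the server sent back to a probe."""
    if len(response) < 5:
        return {"verdict": "intolerant", "reason": "connection closed, no TLS record"}
    ctype, _rec_ver, length = struct.unpack("!BHH", response[:5])
    payload = response[5:5 + length]
    if ctype == CONTENT_ALERT and len(payload) >= 2:
        return {"verdict": "intolerant",
                "reason": f"alert level={payload[0]} description={payload[1]}"}
    if ctype != CONTENT_HANDSHAKE or len(payload) < 6 or payload[0] != HS_SERVER_HELLO:
        return {"verdict": "broken", "reason": f"unexpected record type 0x{ctype:02x}"}
    server_version = struct.unpack("!H", payload[4:6])[0]
    if server_version > offered_version:
        return {"verdict": "broken", "reason": "negotiated above the offered version"}
    if server_version not in VERSIONS:
        # A server that blindly echoes 0x0305 cannot actually speak it, so the
        # handshake fails later; count it as broken rather than tolerant.
        return {"verdict": "broken", "reason": f"echoed unknown version 0x{server_version:04x}"}
    return {"verdict": "tolerant", "negotiated": VERSIONS[server_version]}


def sample_server_hello(version: int) -> bytes:
    """Constructed minimal ServerHello (no extensions) for offline testing."""
    body = struct.pack("!H", version) + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    hs = bytes([HS_SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", CONTENT_HANDSHAKE, 0x0303, len(hs)) + hs


# Constructed: fatal protocol_version alert, the reply of an intolerant server.
SAMPLE_ALERT = struct.pack("!BHH", CONTENT_ALERT, 0x0301, 2) + b"\x02\x46"


def probe(host: str, port: int = 443, timeout: float = 5.0, **hello_kwargs) -> dict:
    """Live probe (needs network): send one ClientHello, classify the reply."""
    hello = client_hello(host, **hello_kwargs)
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(hello)
        try:
            while len(data) < 5 or len(data) < 5 + struct.unpack("!H", data[3:5])[0]:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            pass
    return classify(data, hello_kwargs.get("version", 0x0303))


if __name__ == "__main__":
    import sys
    for label, resp in [("tolerant server", sample_server_hello(0x0303)),
                        ("echoes unknown version", sample_server_hello(0x0305)),
                        ("protocol_version alert", SAMPLE_ALERT),
                        ("closed connection", b"")]:
        print(f"{label:24s} -> {classify(resp, 0x0305)}")
    for host in sys.argv[1:]:   # e.g. python3 probe.py example.com
        print(host, "TLS 1.4 offer    ->", probe(host, version=0x0305))
        print(host, "huge cipher list ->", probe(host, n_suites=8200))
```

Run without arguments the script only exercises the constructed responses; with hostnames it sends the two probes over the network. The classifier looks at the first record only, which is enough to separate the three outcomes the table distinguishes (a ServerHello at a sane version, an alert or a dropped connection, and a server that echoes a version it cannot speak); a full scanner would also read the rest of the server's flight and handle SSLv2-format replies.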
-- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/security@xxxxxxxxxxxxxxxxxxxxxxx