TLS scan results for March 2015
by Hubert Kario
This month's results are a bit more interesting, significant fall in RC4
support (10%), SHA-1 certificates below 50% of market share.
Detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/03/29/march-2015-scan-results/
SSL/TLS survey of 490866 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)
Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 407148 82.9448
3DES Only 780 0.1589
AES 473911 96.5459
AES Only 10460 2.1309
AES-CBC Only 4648 0.9469
AES-GCM 296424 60.388
AES-GCM Only 18 0.0037
CAMELLIA 207419 42.2557
CAMELLIA Only 1 0.0002
CHACHA20 60469 12.3188
CHACHA20 Only 1 0.0002
Insecure 85180 17.353
RC4 320737 65.3411
RC4 Only 2912 0.5932
RC4 Preferred 53442 10.8873
RC4 forced in TLS1.1+ 32201 6.56
x:FF 29 RC4 Only 472 0.0962
x:FF 29 RC4 Preferred 58536 11.925
x:FF 29 incompatible 132 0.0269
y:DHE-RSA-SEED-SHA 108308 22.0647
y:IDEA-CBC-MD5 2768 0.5639
y:IDEA-CBC-SHA 87595 17.845
y:SEED-SHA 105451 21.4826
z:ADH-AES128-GCM-SHA256 422 0.086
z:ADH-AES128-SHA 1103 0.2247
z:ADH-AES128-SHA256 311 0.0634
z:ADH-AES256-GCM-SHA384 433 0.0882
z:ADH-AES256-SHA 1109 0.2259
z:ADH-AES256-SHA256 314 0.064
z:ADH-CAMELLIA128-SHA 560 0.1141
z:ADH-CAMELLIA256-SHA 569 0.1159
z:ADH-DES-CBC-SHA 379 0.0772
z:ADH-DES-CBC3-SHA 1130 0.2302
z:ADH-RC4-MD5 884 0.1801
z:ADH-SEED-SHA 394 0.0803
z:AECDH-AES128-SHA 14471 2.9481
z:AECDH-AES256-SHA 14474 2.9487
z:AECDH-DES-CBC3-SHA 14430 2.9397
z:AECDH-NULL-SHA 29 0.0059
z:AECDH-RC4-SHA 13672 2.7853
z:DES-CBC-MD5 17518 3.5688
z:DES-CBC-SHA 47111 9.5975
z:DES-CBC3-MD5 32625 6.6464
z:ECDHE-RSA-NULL-SHA 35 0.0071
z:EDH-RSA-DES-CBC-SHA 40234 8.1965
z:EXP-ADH-DES-CBC-SHA 303 0.0617
z:EXP-ADH-RC4-MD5 305 0.0621
z:EXP-DES-CBC-SHA 29855 6.0821
z:EXP-EDH-RSA-DES-CBC-SHA 22110 4.5043
z:EXP-RC2-CBC-MD5 34449 7.018
z:EXP-RC4-MD5 37185 7.5754
z:EXP1024-DES-CBC-SHA 8663 1.7648
z:EXP1024-RC4-SHA 8830 1.7989
z:NULL-MD5 278 0.0566
z:NULL-SHA 280 0.057
z:NULL-SHA256 11 0.0022
z:RC2-CBC-MD5 17890 3.6446
z:RC4-64-MD5 1436 0.2925
Cipher ordering Count Percent
-------------------------+---------+-------
Client side 139786 28.4774
Server side 351080 71.5226
Supported Handshakes Count Percent
-------------------------+---------+-------
ADH 1266 0.2579
AECDH 14497 2.9534
DHE 268821 54.7646
ECDHE 320467 65.286
ECDHE and DHE 168193 34.2645
RSA 456968 93.0942
Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,512bits 22192 4.521 8.2553
DH,768bits 763 0.1554 0.2838
DH,1024bits 223064 45.443 82.9786
DH,1536bits 1 0.0002 0.0004
DH,2048bits 42555 8.6694 15.8302
DH,2226bits 1 0.0002 0.0004
DH,2236bits 2 0.0004 0.0007
DH,3072bits 19 0.0039 0.0071
DH,3248bits 2 0.0004 0.0007
DH,4096bits 2364 0.4816 0.8794
DH,8192bits 1 0.0002 0.0004
ECDH,B-163,163bits 7 0.0014 0.0022
ECDH,K-163,163bits 1 0.0002 0.0003
ECDH,P-224,224bits 50 0.0102 0.0156
ECDH,P-256,256bits 313819 63.9317 97.9255
ECDH,P-384,384bits 3463 0.7055 1.0806
ECDH,B-409,409bits 1 0.0002 0.0003
ECDH,P-521,521bits 4730 0.9636 1.476
ECDH,B-571,570bits 750 0.1528 0.234
Prefer DH,512bits 3 0.0006 0.0011
Prefer DH,768bits 432 0.088 0.1607
Prefer DH,1024bits 95849 19.5265 35.6553
Prefer DH,2048bits 3048 0.6209 1.1338
Prefer DH,2236bits 1 0.0002 0.0004
Prefer DH,3072bits 1 0.0002 0.0004
Prefer DH,4096bits 92 0.0187 0.0342
Prefer ECDH,B-163,163bits 7 0.0014 0.0022
Prefer ECDH,K-163,163bits 1 0.0002 0.0003
Prefer ECDH,P-224,224bits 17 0.0035 0.0053
Prefer ECDH,P-256,256bits 259052 52.7745 80.8358
Prefer ECDH,P-384,384bits 2751 0.5604 0.8584
Prefer ECDH,P-521,521bits 4403 0.897 1.3739
Prefer ECDH,B-571,570bits 550 0.112 0.1716
Prefer PFS 366207 74.6043 0
Support PFS 421095 85.7861 0
Supported ECC curves Count Percent
-------------------------+---------+--------
brainpoolP256r1 106 0.0216
brainpoolP384r1 106 0.0216
brainpoolP512r1 106 0.0216
prime192v1 762 0.1552
prime256v1 319803 65.1508
prime256v1 Only 277852 56.6045
secp160k1 729 0.1485
secp160r1 730 0.1487
secp160r2 728 0.1483
secp192k1 751 0.153
secp224k1 785 0.1599
secp224r1 1393 0.2838
secp224r1 Only 1 0.0002
secp256k1 799 0.1628
secp384r1 42156 8.5881
secp384r1 Only 204 0.0416
secp521r1 10564 2.1521
secp521r1 Only 85 0.0173
sect163k1 734 0.1495
sect163k1 Only 1 0.0002
sect163r1 733 0.1493
sect163r2 740 0.1508
sect163r2 Only 7 0.0014
sect193r1 732 0.1491
sect193r2 732 0.1491
sect233k1 780 0.1589
sect233r1 780 0.1589
sect239k1 779 0.1587
sect283k1 779 0.1587
sect283r1 778 0.1585
sect409k1 777 0.1583
sect409r1 777 0.1583
sect571k1 791 0.1611
sect571r1 791 0.1611
Unsupported curve fallback Count Percent
------------------------------+---------+--------
False 79157 16.126
True 201745 41.0998
order-specific 13 0.0026
unknown 209951 42.7716
ECC curve ordering Count Percent
-------------------------+---------+--------
client 1847 0.3763
inconclusive-noecc 28 0.0057
server 318249 64.8342
unknown 170742 34.7838
TLSv1.2 PFS supported sigalgs Count Percent
------------------------------+---------+--------
ECDSA-SHA1 27988 5.7018
ECDSA-SHA1 Only 1 0.0002
ECDSA-SHA224 27987 5.7016
ECDSA-SHA256 27989 5.702
ECDSA-SHA384 27991 5.7024
ECDSA-SHA512 27993 5.7028
ECDSA-SHA512 Only 2 0.0004
RSA-MD5 136241 27.7552
RSA-SHA1 288779 58.8305
RSA-SHA1 Only 44445 9.0544
RSA-SHA224 234597 47.7925
RSA-SHA256 247885 50.4995
RSA-SHA256 Only 3147 0.6411
RSA-SHA384 235034 47.8815
RSA-SHA512 235096 47.8941
RSA-SHA512 Only 58 0.0118
TLSv1.2 PFS ordering Count Percent
------------------------------+---------+--------
client 213446 43.4836
indeterminate 11 0.0022
intolerant 1648 0.3357
order-fallback 40 0.0081
server 105410 21.4743
unsupported 36763 7.4894
TLSv1.2 PFS sigalg fallback Count Percent
------------------------------+---------+--------
ECDSA SHA1 27982 5.7005
ECDSA intolerant 14 0.0029
ECDSA pfs-rsa-SHA512 1 0.0002
RSA False 134610 27.423
RSA SHA1 133281 27.1522
RSA intolerant 23009 4.6874
RSA pfs-ecdsa-SHA512 2 0.0004
RSA soft-nopfs 1784 0.3634
Renegotiation Count Percent
-------------------------+---------+--------
False 9310 1.8966
insecure 25318 5.1578
secure 456238 92.9455
Compression Count Percent
-------------------------+---------+--------
1 (zlib compression) 14829 3.021
False 9310 1.8966
NONE 466727 95.0824
TLS session ticket hint Count Percent
-------------------------+---------+--------
1 2 0.0004
1 only 2 0.0004
2 2 0.0004
2 only 2 0.0004
5 1 0.0002
5 only 1 0.0002
10 6 0.0012
10 only 6 0.0012
15 5 0.001
15 only 5 0.001
30 6 0.0012
30 only 6 0.0012
60 80 0.0163
60 only 76 0.0155
65 1 0.0002
65 only 1 0.0002
70 6 0.0012
75 1 0.0002
75 only 1 0.0002
100 13 0.0026
100 only 13 0.0026
120 28 0.0057
120 only 28 0.0057
128 2 0.0004
128 only 2 0.0004
180 47 0.0096
180 only 45 0.0092
240 8 0.0016
240 only 8 0.0016
256 1 0.0002
256 only 1 0.0002
300 208001 42.3743
300 only 200049 40.7543
360 1 0.0002
400 5 0.001
400 only 5 0.001
420 109 0.0222
420 only 55 0.0112
480 13 0.0026
480 only 13 0.0026
500 4 0.0008
500 only 4 0.0008
600 14341 2.9216
600 only 14057 2.8637
660 1 0.0002
660 only 1 0.0002
720 1 0.0002
720 only 1 0.0002
900 521 0.1061
900 only 504 0.1027
960 2 0.0004
960 only 2 0.0004
1200 322 0.0656
1200 only 318 0.0648
1440 1 0.0002
1440 only 1 0.0002
1500 12 0.0024
1500 only 11 0.0022
1800 349 0.0711
1800 only 339 0.0691
2400 7 0.0014
2400 only 7 0.0014
2700 7 0.0014
2700 only 7 0.0014
3000 12 0.0024
3000 only 12 0.0024
3600 397 0.0809
3600 only 377 0.0768
4200 1 0.0002
5400 14 0.0029
5400 only 2 0.0004
6000 3 0.0006
6000 only 3 0.0006
7200 14219 2.8967
7200 only 13909 2.8336
10800 2158 0.4396
10800 only 2153 0.4386
14400 1534 0.3125
14400 only 1529 0.3115
18000 2 0.0004
18000 only 2 0.0004
21600 5398 1.0997
21600 only 5398 1.0997
28800 13 0.0026
28800 only 12 0.0024
36000 1015 0.2068
36000 only 1008 0.2054
43200 25 0.0051
43200 only 21 0.0043
60000 1 0.0002
60000 only 1 0.0002
64800 46186 9.4091
64800 only 46179 9.4077
72000 6 0.0012
72000 only 6 0.0012
84600 1 0.0002
84600 only 1 0.0002
86000 29 0.0059
86000 only 29 0.0059
86400 271 0.0552
86400 only 270 0.055
100800 13929 2.8376
100800 only 13929 2.8376
129600 10 0.002
129600 only 10 0.002
172800 1 0.0002
172800 only 1 0.0002
216000 1 0.0002
216000 only 1 0.0002
432000 1 0.0002
432000 only 1 0.0002
604800 1 0.0002
604800 only 1 0.0002
864000 5 0.001
864000 only 5 0.001
None 190434 38.7955
None only 181732 37.0227
Certificate sig alg Count Percent
-------------------------+---------+--------
None 15465 3.1506
ecdsa-with-SHA256 27974 5.6989
sha1WithRSAEncryption 236900 48.2616
sha256WithRSAEncryption 226070 46.0553
sha512WithRSAEncryption 10 0.002
Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 256 27993 5.7028
ECDSA 384 6 0.0012
RSA 1024 369 0.0752
RSA 2028 1 0.0002
RSA 2047 1 0.0002
RSA 2048 445922 90.8439
RSA 2049 3 0.0006
RSA 2056 3 0.0006
RSA 2058 3 0.0006
RSA 2064 1 0.0002
RSA 2080 2 0.0004
RSA 2084 13 0.0026
RSA 2096 1 0.0002
RSA 2345 1 0.0002
RSA 2408 2 0.0004
RSA 2432 7 0.0014
RSA 2612 2 0.0004
RSA 3024 1 0.0002
RSA 3072 88 0.0179
RSA 3102 1 0.0002
RSA 3248 3 0.0006
RSA 3600 1 0.0002
RSA 4042 1 0.0002
RSA 4048 2 0.0004
RSA 4056 23 0.0047
RSA 4069 1 0.0002
RSA 4086 2 0.0004
RSA 4092 9 0.0018
RSA 4096 16428 3.3467
RSA 4098 1 0.0002
RSA 8192 4 0.0008
RSA 10240 7 0.0014
RSA/ECDSA Dual Stack 30 0.0061
OCSP stapling Count Percent
-------------------------+---------+--------
Supported 84875 17.2909
Unsupported 405991 82.7091
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 32906 6.7037
SSL2 Only 70 0.0143
SSL3 154674 31.5104
SSL3 Only 1232 0.251
SSL3 or TLS1 Only 99145 20.198
SSL3 or lower Only 1271 0.2589
TLS1 488375 99.4925
TLS1 Only 56239 11.4571
TLS1 or lower Only 129642 26.4109
TLS1.1 346511 70.5918
TLS1.1 Only 7 0.0014
TLS1.1 or up Only 883 0.1799
TLS1.2 357304 72.7905
TLS1.2 Only 578 0.1178
TLS1.2, 1.0 but not 1.1 12762 2.5999
Statistics from 520507 chains provided by 672015 hosts
Server provided chains Count Percent
-------------------------+---------+-------
complete 460603 68.5406
incomplete 28832 4.2904
untrusted 182580 27.169
Trusted chain statistics
========================
Chain length Count Percent
-------------------------+---------+-------
2 1205 0.2315
3 443210 85.1497
4 76056 14.6119
5 36 0.0069
CA key size in chains Count
-------------------------+---------
ECDSA 256 27857
ECDSA 384 27857
RSA 1024 1171
RSA 2045 1
RSA 2048 973503
RSA 4096 85548
Chains with CA key Count Percent
-------------------------+---------+-------
ECDSA 256 27857 5.3519
ECDSA 384 27857 5.3519
RSA 1024 1167 0.2242
RSA 2045 1 0.0002
RSA 2048 491325 94.3935
RSA 4096 84807 16.2932
Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384 27857
sha1WithRSAEncryption 262841
sha256WithRSAEncryption 159502
sha384WithRSAEncryption 145194
sha512WithRSAEncryption 36
Eff. host cert chain LoS Count Percent
-------------------------+---------+-------
80 262927 50.5136
112 229721 44.1341
128 27859 5.3523
Root CAs Count Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA 115769 22.2416
(157753a5) AddTrust External CA Root 107315 20.6174
(5ad8a5d6) GlobalSign Root CA 53007 10.1837
(cbf06781) Go Daddy Root Certificate Authorit 45510 8.7434
(b204d74a) VeriSign Class 3 Public Primary Ce 29396 5.6476
(eed8c118) COMODO ECC Certification Authority 27851 5.3507
(2e4eed3c) thawte Primary Root CA 26160 5.0259
(244b5494) DigiCert High Assurance EV Root CA 25614 4.921
(653b494a) Baltimore CyberTrust Root 11786 2.2643
(f081611a) The Go Daddy Group, Inc. 10796 2.0741
(b13cc6df) UTN-USERFirst-Hardware 9685 1.8607
(ae8153b9) StartCom Certification Authority 9557 1.8361
(f387163d) Starfield Technologies, Inc. 7849 1.508
(40547a79) COMODO Certification Authority 6860 1.3179
(3513523f) DigiCert Global Root CA 6032 1.1589
(480720ec) GeoTrust Primary Certification Aut 5231 1.005
Scan performed between 16th and 27th of March 2015.
--
Regards,
Hubert Kario
8 years, 2 months
- 2
- 1
TLS scan results for February 2015
by Hubert Kario
Sorry for being a bit late with the scan results.
The bad news that there have been few changes, the bad news is that there have
been few changes :)
more detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/03/13/february-2015-scan-resu...
SSL/TLS survey of 478847 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)
Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 389395 81.3193
3DES Only 446 0.0931
AES 452703 94.5402
AES Only 7959 1.6621
AES-CBC Only 4111 0.8585
AES-GCM 275395 57.5121
AES-GCM Only 21 0.0044
CAMELLIA 201517 42.0838
CAMELLIA Only 1 0.0002
CHACHA20 27231 5.6868
Insecure 88014 18.3804
RC4 362499 75.7025
RC4 Only 3578 0.7472
RC4 Preferred 63514 13.2639
RC4 forced in TLS1.1+ 40750 8.51
x:FF 29 RC4 Only 545 0.1138
x:FF 29 RC4 Preferred 68531 14.3117
x:FF 29 incompatible 135 0.0282
y:DHE-RSA-SEED-SHA 106333 22.206
y:IDEA-CBC-MD5 2911 0.6079
y:IDEA-CBC-SHA 85651 17.8869
y:SEED-SHA 103273 21.567
z:ADH-AES128-GCM-SHA256 352 0.0735
z:ADH-AES128-SHA 983 0.2053
z:ADH-AES128-SHA256 278 0.0581
z:ADH-AES256-GCM-SHA384 367 0.0766
z:ADH-AES256-SHA 995 0.2078
z:ADH-AES256-SHA256 282 0.0589
z:ADH-CAMELLIA128-SHA 440 0.0919
z:ADH-CAMELLIA256-SHA 449 0.0938
z:ADH-DES-CBC-SHA 378 0.0789
z:ADH-DES-CBC3-SHA 1011 0.2111
z:ADH-RC4-MD5 787 0.1644
z:ADH-SEED-SHA 293 0.0612
z:AECDH-AES128-SHA 14530 3.0344
z:AECDH-AES256-SHA 14530 3.0344
z:AECDH-DES-CBC3-SHA 14487 3.0254
z:AECDH-NULL-SHA 38 0.0079
z:AECDH-RC4-SHA 13507 2.8207
z:DES-CBC-MD5 18469 3.857
z:DES-CBC-SHA 49506 10.3386
z:DES-CBC3-MD5 33718 7.0415
z:ECDHE-RSA-NULL-SHA 43 0.009
z:EDH-RSA-DES-CBC-SHA 42281 8.8298
z:EXP-ADH-DES-CBC-SHA 302 0.0631
z:EXP-ADH-RC4-MD5 306 0.0639
z:EXP-DES-CBC-SHA 35244 7.3602
z:EXP-EDH-RSA-DES-CBC-SHA 24614 5.1403
z:EXP-RC2-CBC-MD5 40047 8.3632
z:EXP-RC4-MD5 42873 8.9534
z:EXP1024-DES-CBC-SHA 9396 1.9622
z:EXP1024-RC4-SHA 9557 1.9958
z:NULL-MD5 292 0.061
z:NULL-SHA 292 0.061
z:NULL-SHA256 12 0.0025
z:RC2-CBC-MD5 18829 3.9322
z:RC4-64-MD5 1529 0.3193
Cipher ordering Count Percent
-------------------------+---------+-------
Client side 141265 29.5011
Server side 337582 70.4989
Supported Handshakes Count Percent
-------------------------+---------+-------
ADH 1120 0.2339
AECDH 14557 3.04
DHE 256190 53.5014
ECDHE 305994 63.9022
ECDHE and DHE 154553 32.2761
RSA 446580 93.2615
Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits 214103 44.7122 83.572
DH,1536bits 1 0.0002 0.0004
DH,2048bits 39131 8.1719 15.2742
DH,2226bits 1 0.0002 0.0004
DH,2236bits 1 0.0002 0.0004
DH,3072bits 19 0.004 0.0074
DH,3248bits 2 0.0004 0.0008
DH,4094bits 1 0.0002 0.0004
DH,4096bits 2115 0.4417 0.8256
DH,512bits 87 0.0182 0.034
DH,768bits 759 0.1585 0.2963
DH,8192bits 1 0.0002 0.0004
ECDH,B-163,163bits 7 0.0015 0.0023
ECDH,B-571,570bits 707 0.1476 0.2311
ECDH,K-163,163bits 1 0.0002 0.0003
ECDH,P-224,224bits 51 0.0107 0.0167
ECDH,P-256,256bits 299807 62.6102 97.9781
ECDH,P-384,384bits 3156 0.6591 1.0314
ECDH,P-521,521bits 4454 0.9302 1.4556
Prefer DH,1024bits 99375 20.753 38.7896
Prefer DH,2048bits 2882 0.6019 1.1249
Prefer DH,2236bits 1 0.0002 0.0004
Prefer DH,4096bits 90 0.0188 0.0351
Prefer DH,512bits 3 0.0006 0.0012
Prefer DH,768bits 420 0.0877 0.1639
Prefer ECDH,B-163,163bits 7 0.0015 0.0023
Prefer ECDH,B-571,570bits 521 0.1088 0.1703
Prefer ECDH,K-163,163bits 1 0.0002 0.0003
Prefer ECDH,P-224,224bits 18 0.0038 0.0059
Prefer ECDH,P-256,256bits 243201 50.7889 79.479
Prefer ECDH,P-384,384bits 3079 0.643 1.0062
Prefer ECDH,P-521,521bits 4146 0.8658 1.3549
Prefer PFS 353744 73.8741 0
Support PFS 407631 85.1276 0
Supported ECC curves Count Percent
-------------------------+---------+--------
brainpoolP256r1 77 0.0161
brainpoolP384r1 77 0.0161
brainpoolP512r1 77 0.0161
prime192v1 721 0.1506
prime256v1 305466 63.792
prime256v1 Only 265378 55.4202
secp160k1 689 0.1439
secp160r1 688 0.1437
secp160r2 688 0.1437
secp192k1 716 0.1495
secp224k1 747 0.156
secp224r1 1221 0.255
secp224r1 Only 1 0.0002
secp256k1 766 0.16
secp384r1 40252 8.406
secp384r1 Only 166 0.0347
secp521r1 9985 2.0852
secp521r1 Only 86 0.018
sect163k1 688 0.1437
sect163r1 688 0.1437
sect163r2 695 0.1451
sect163r2 Only 7 0.0015
sect193r1 688 0.1437
sect193r2 688 0.1437
sect233k1 738 0.1541
sect233r1 738 0.1541
sect239k1 737 0.1539
sect283k1 737 0.1539
sect283r1 737 0.1539
sect409k1 737 0.1539
sect409r1 737 0.1539
sect571k1 756 0.1579
sect571r1 756 0.1579
Unsupported curve fallback Count Percent
------------------------------+---------+--------
False 75947 15.8604
True 188432 39.3512
order-specific 12 0.0025
unknown 214456 44.7859
ECC curve ordering Count Percent
-------------------------+---------+--------
client 1661 0.3469
inconclusive-noecc 4 0.0008
server 304074 63.5013
unknown 173108 36.151
TLSv1.2 PFS supported sigalgs Count Percent
------------------------------+---------+--------
ECDSA-SHA1 27872 5.8206
ECDSA-SHA224 27873 5.8209
ECDSA-SHA256 27873 5.8209
ECDSA-SHA384 27874 5.8211
ECDSA-SHA512 27874 5.8211
RSA-MD5 132832 27.74
RSA-MD5 Only 1 0.0002
RSA-SHA1 275469 57.5276
RSA-SHA1 Only 42560 8.888
RSA-SHA224 224806 46.9474
RSA-SHA256 235988 49.2825
RSA-SHA256 Only 2701 0.5641
RSA-SHA384 225210 47.0317
RSA-SHA512 225254 47.0409
RSA-SHA512 Only 39 0.0081
TLSv1.2 PFS ordering Count Percent
------------------------------+---------+--------
client 206251 43.0724
indeterminate 7 0.0015
intolerant 1409 0.2942
order-fallback 2 0.0004
server 98943 20.6628
unsupported 37273 7.7839
TLSv1.2 PFS sigalg fallback Count Percent
------------------------------+---------+--------
ECDSA SHA1 27871 5.8204
ECDSA intolerant 4 0.0008
ECDSA pfs-rsa-SHA512 1 0.0002
RSA False 131264 27.4125
RSA SHA1 125024 26.1094
RSA intolerant 20874 4.3592
RSA pfs-ecdsa-SHA512 1 0.0002
RSA soft-nopfs 1609 0.336
Renegotiation Count Percent
-------------------------+---------+--------
False 9764 2.0391
insecure 25819 5.3919
secure 443264 92.569
Compression Count Percent
-------------------------+---------+--------
1 (zlib compression) 15459 3.2284
False 9764 2.0391
NONE 453624 94.7326
TLS session ticket hint Count Percent
-------------------------+---------+--------
1 2 0.0004
1 only 2 0.0004
2 2 0.0004
2 only 2 0.0004
5 1 0.0002
5 only 1 0.0002
10 4 0.0008
10 only 4 0.0008
15 8 0.0017
15 only 8 0.0017
30 10 0.0021
30 only 10 0.0021
60 71 0.0148
60 only 64 0.0134
65 1 0.0002
65 only 1 0.0002
70 4 0.0008
75 1 0.0002
75 only 1 0.0002
100 11 0.0023
100 only 11 0.0023
120 24 0.005
120 only 23 0.0048
128 3 0.0006
128 only 3 0.0006
180 47 0.0098
180 only 45 0.0094
240 11 0.0023
240 only 11 0.0023
300 201017 41.9794
300 only 192323 40.1638
360 2 0.0004
360 only 1 0.0002
400 4 0.0008
400 only 4 0.0008
420 37 0.0077
420 only 26 0.0054
480 16 0.0033
480 only 14 0.0029
500 4 0.0008
500 only 4 0.0008
600 14965 3.1252
600 only 14676 3.0649
720 1 0.0002
720 only 1 0.0002
840 1 0.0002
840 only 1 0.0002
900 520 0.1086
900 only 500 0.1044
960 2 0.0004
960 only 2 0.0004
1000 1 0.0002
1000 only 1 0.0002
1200 286 0.0597
1200 only 283 0.0591
1500 9 0.0019
1500 only 8 0.0017
1800 343 0.0716
1800 only 334 0.0698
2100 1 0.0002
2100 only 1 0.0002
2400 2 0.0004
2400 only 2 0.0004
2700 5 0.001
2700 only 5 0.001
3000 11 0.0023
3000 only 11 0.0023
3600 329 0.0687
3600 only 312 0.0652
5400 10 0.0021
6000 3 0.0006
6000 only 3 0.0006
7200 14085 2.9414
7200 only 11423 2.3855
10800 1006 0.2101
10800 only 1001 0.209
14400 1416 0.2957
14400 only 1415 0.2955
18000 1 0.0002
18000 only 1 0.0002
21600 4976 1.0392
21600 only 4973 1.0385
28800 12 0.0025
28800 only 11 0.0023
36000 980 0.2047
36000 only 975 0.2036
43200 101 0.0211
43200 only 101 0.0211
60000 1 0.0002
60000 only 1 0.0002
64800 45713 9.5465
64800 only 45710 9.5458
72000 8 0.0017
72000 only 8 0.0017
86000 28 0.0058
86000 only 28 0.0058
86400 225 0.047
86400 only 224 0.0468
93600 1 0.0002
93600 only 1 0.0002
100800 12805 2.6741
100800 only 12805 2.6741
129600 8 0.0017
129600 only 8 0.0017
172800 1 0.0002
172800 only 1 0.0002
604800 1 0.0002
604800 only 1 0.0002
864000 3 0.0006
864000 only 3 0.0006
None 191458 39.9831
None only 179709 37.5295
Certificate sig alg Count Percent
-------------------------+---------+--------
None 15481 3.233
ecdsa-with-SHA256 27852 5.8165
sha1WithRSAEncryption 247414 51.6687
sha256WithRSAEncryption 203665 42.5324
sha512WithRSAEncryption 10 0.0021
Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 256 27873 5.8209
ECDSA 384 4 0.0008
RSA 1024 586 0.1224
RSA 10240 4 0.0008
RSA 2028 1 0.0002
RSA 2047 1 0.0002
RSA 2048 434653 90.7707
RSA 2049 2 0.0004
RSA 2056 3 0.0006
RSA 2058 4 0.0008
RSA 2064 1 0.0002
RSA 2080 2 0.0004
RSA 2084 14 0.0029
RSA 2096 1 0.0002
RSA 2408 3 0.0006
RSA 2432 5 0.001
RSA 2612 1 0.0002
RSA 3072 81 0.0169
RSA 3102 1 0.0002
RSA 3248 3 0.0006
RSA 3600 1 0.0002
RSA 4042 1 0.0002
RSA 4048 2 0.0004
RSA 4056 32 0.0067
RSA 4069 1 0.0002
RSA 4086 2 0.0004
RSA 4092 2 0.0004
RSA 4096 15597 3.2572
RSA 4098 2 0.0004
RSA 8192 4 0.0008
RSA/ECDSA Dual Stack 30 0.0063
OCSP stapling Count Percent
-------------------------+---------+--------
Supported 79626 16.6287
Unsupported 399221 83.3713
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 34004 7.1012
SSL2 Only 83 0.0173
SSL3 160049 33.4238
SSL3 Only 1554 0.3245
SSL3 or TLS1 Only 99562 20.792
SSL3 or lower Only 1597 0.3335
TLS1 476217 99.4508
TLS1 Only 53875 11.251
TLS1 or lower Only 130773 27.31
TLS1.1 333272 69.5988
TLS1.1 Only 6 0.0013
TLS1.1 or up Only 690 0.1441
TLS1.2 343871 71.8123
TLS1.2 Only 495 0.1034
TLS1.2, 1.0 but not 1.1 12594 2.6301
Statistics from 506677 chains provided by 663743 hosts
Server provided chains Count Percent
-------------------------+---------+-------
complete 445855 67.1728
incomplete 28915 4.3564
untrusted 188973 28.4708
Trusted chain statistics
========================
Chain length Count Percent
-------------------------+---------+-------
2 1250 0.2467
3 435699 85.9915
4 69697 13.7557
5 31 0.0061
CA key size in chains Count
-------------------------+---------
ECDSA 256 27724
ECDSA 384 27724
RSA 1024 1237
RSA 2045 1
RSA 2048 945864
RSA 4096 79313
Chains with CA key Count Percent
-------------------------+---------+-------
ECDSA 256 27724 5.4717
ECDSA 384 27724 5.4717
RSA 1024 1233 0.2434
RSA 2045 1 0.0002
RSA 2048 477582 94.2577
RSA 4096 78697 15.532
Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384 27724
sha1WithRSAEncryption 272982
sha256WithRSAEncryption 141436
sha384WithRSAEncryption 133014
sha512WithRSAEncryption 30
Eff. host cert chain LoS Count Percent
-------------------------+---------+-------
80 273108 53.9018
112 205843 40.6261
128 27726 5.4721
Root CAs Count Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA 112003 22.1054
(157753a5) AddTrust External CA Root 103054 20.3392
(5ad8a5d6) GlobalSign Root CA 51402 10.1449
(cbf06781) Go Daddy Root Certificate Authorit 42982 8.4831
(b204d74a) VeriSign Class 3 Public Primary Ce 29072 5.7378
(eed8c118) COMODO ECC Certification Authority 27720 5.4709
(2e4eed3c) thawte Primary Root CA 26917 5.3125
(244b5494) DigiCert High Assurance EV Root CA 23747 4.6868
(653b494a) Baltimore CyberTrust Root 11804 2.3297
(f081611a) The Go Daddy Group, Inc. 11749 2.3188
(b13cc6df) UTN-USERFirst-Hardware 9836 1.9413
(ae8153b9) StartCom Certification Authority 9546 1.884
(f387163d) Starfield Technologies, Inc. 8019 1.5827
(40547a79) COMODO Certification Authority 6997 1.381
(3513523f) DigiCert Global Root CA 5757 1.1362
Scan performed between 19th and 27th of February 2015.
--
Regards,
Hubert Kario
8 years, 2 months
- 3
- 3
Anaconda 22.17+ enforces "good" passwords
by Chris Murphy
Hi,
First some background:
Anaconda 22.17+ has started to enforce the following:
+- Don't allow weak LUKS passwords either (bcl)
+- Don't allow weak passwords (text mode). (sbueno+anaconda)
+- Remove the press done twice to exit text (bcl)
+- Don't allow weak user passwords (bcl)
test@ list 1st announcement of change, and the ensuing 91 (and
counting) email thread which you're welcome to skip as I'll attempt to
cover the salient points in this email:
https://lists.fedoraproject.org/pipermail/test/2015-January/124827.html
The impetus behind the change are the two scope bullets in this rejected change:
https://fedoraproject.org/wiki/Changes/SSHD_PermitRootLogin_no
A FESCO ticket has been opened asking for review:
https://fedorahosted.org/fesco/ticket/1412
And then some points:
- I think it'll make users angry. The test@ list is overwhelmingly
against the change, and I expect they're more tolerant and
understanding compared to the wider community.
- On Windows and OS X server variants, remote access (in-bound)
services are disabled by default. It's expected to use an OOB method
to initially connect to a server (or even VM) and enable the desired
services.
- libpwquality is what's being used to "grade" the quality of the
passwords used in anaconda. This has been referred to as having
capricious behavior in the test@ thread. In a 2 day old build of
boot.iso which contains the current version of libpwquality and
anaconda 22.17, I'm finding the following:
The gibberish password that an infamous xkcd comic strip railed against
# pwscore
Tr0ub4dor&3
67 ##anaconda=good
8 actually random lowercase latin characters.
# pwscore
liampres
4
# pwscore
amptiato
4
# pwscore
tempeadj
1
# pwscore
clungerm
1
8 random characters mixed case, numbers, specials.
# pwscore
CHYtU$W3
27
# pwscore
ja#P2etw
27
# pwscore
6*T!MsjD
21
Portions of widely published phrases, lowercase latin characters.
# pwscore
correcthorse
41 ##anaconda=fair
# pwscore
batterystaple
55
# pwscore
correcthorsebatterystaple
100
# pwscore
onceuponatimetherewasa
100
# pwscore
itwasthebestoftimes
100
# pwscore
lookbeforeyouleap
90
# pwscore
dropdeadgorgeous
75
I don't have an easy way to prove this, but in a millions+ attempt
brute force attack, I find it difficult to believe that
correcthorsebatterystaple is not attempted, but 6*T!MsjD is attempted.
I had recently read that up to 100 character dictionary only word
based passwords were routinely attempted in brute force attacks.
I think the change improperly shifts burden to all users without
respect to their use case, in a manner inconsistent with the device
control they've come to expect: no password requirements at all on
mobile devices, and very minimalist ones on Windows and OS X. I don't
see how being an outliar in this area, even among Linux distros,
helps.
Conclusion: I think the concerning services need to be disabled by
default, and use OOB management to enable those services, since it's a
long standing practice elsewhere. If we can do better than this, fine,
but not by shifting the security burden.
Thanks,
--
Chris Murphy
8 years, 3 months
- 7
- 52
- ← Newer
- 1
- Older →