The biggest change since July is that over 10% fewer servers use
certificates with SHA-1 signatures.
Because I was rather busy for the past few months I wasn't able to work
on the scan analysis on-time. So this month's analysis is on a longer
time scale.
More detailed analysis on my blog:
https://securitypitfalls.wordpress.com/2015/11/29/october-2015-scan-results/
SSL/TLS survey of 523658 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate
installed)
Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 450366 86.0038
3DES Only 598 0.1142
AES 516026 98.5426
AES Only 22924 4.3777
AES-CBC 515568 98.4551
AES-CBC Only 10087 1.9263
AES-GCM 388464 74.1828
AES-GCM Only 378 0.0722
CAMELLIA 234209 44.7256
CAMELLIA Only 3 0.0006
CHACHA20 64701 12.3556
CHACHA20 Only 1 0.0002
Insecure 61963 11.8327
RC4 213861 40.8398
RC4 Only 1101 0.2103
RC4 Preferred 22873 4.3679
RC4 forced in TLS1.1+ 11792 2.2519
x:FF 29 RC4 Only 1377 0.263
x:FF 29 RC4 Preferred 26049 4.9744
x:FF 29 incompatible 312 0.0596
x:FF 35 RC4 Only 1656 0.3162
x:FF 35 RC4 Preferred 26149 4.9935
x:FF 35 incompatible 315 0.0602
y:DHE-RSA-SEED-SHA 84215 16.0821
y:IDEA-CBC-SHA 78851 15.0577
y:SEED-SHA 95873 18.3083
z:ADH-AES128-GCM-SHA256 395 0.0754
z:ADH-AES128-SHA 756 0.1444
z:ADH-AES128-SHA256 295 0.0563
z:ADH-AES256-GCM-SHA384 403 0.077
z:ADH-AES256-SHA 764 0.1459
z:ADH-AES256-SHA256 297 0.0567
z:ADH-CAMELLIA128-SHA 380 0.0726
z:ADH-CAMELLIA256-SHA 388 0.0741
z:ADH-DES-CBC-SHA 305 0.0582
z:ADH-DES-CBC3-SHA 775 0.148
z:ADH-RC4-MD5 638 0.1218
z:ADH-SEED-SHA 313 0.0598
z:AECDH-AES128-SHA 11266 2.1514
z:AECDH-AES256-SHA 11290 2.156
z:AECDH-DES-CBC3-SHA 11231 2.1447
z:AECDH-NULL-SHA 59 0.0113
z:AECDH-RC4-SHA 10599 2.024
z:DES-CBC-MD5 11791 2.2517
z:DES-CBC-SHA 36853 7.0376
z:DES-CBC3-MD5 24006 4.5843
z:ECDHE-RSA-NULL-SHA 63 0.012
z:EDH-RSA-DES-CBC-SHA 31633 6.0408
z:EXP-ADH-DES-CBC-SHA 208 0.0397
z:EXP-ADH-RC4-MD5 205 0.0391
z:EXP-DES-CBC-SHA 15360 2.9332
z:EXP-EDH-RSA-DES-CBC-SHA 12356 2.3596
z:EXP-RC2-CBC-MD5 18735 3.5777
z:EXP-RC4-MD5 19564 3.736
z:EXP1024-DES-CBC-SHA 4870 0.93
z:EXP1024-RC4-SHA 4967 0.9485
z:IDEA-CBC-MD5 2349 0.4486
z:NULL-MD5 227 0.0433
z:NULL-SHA 232 0.0443
z:NULL-SHA256 29 0.0055
z:RC2-CBC-MD5 12033 2.2979
z:RC4-64-MD5 968 0.1849
Cipher ordering Count Percent
-------------------------+---------+-------
Client side 134694 25.7217
Server side 388964 74.2783
Supported Handshakes Count Percent
-------------------------+---------+-------
ADH 903 0.1724
AECDH 11321 2.1619
DHE 286818 54.772
ECDH 3 0.0006
ECDHE 415495 79.3447
ECDHE and DHE 219028 41.8265
RSA 471189 89.9803
Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits 162798 31.0886 56.76
DH,1536bits 1 0.0002 0.0003
DH,2048bits 116370 22.2225 40.5728
DH,2236bits 11 0.0021 0.0038
DH,2432bits 1 0.0002 0.0003
DH,3072bits 109 0.0208 0.038
DH,3092bits 1 0.0002 0.0003
DH,4094bits 1 0.0002 0.0003
DH,4096bits 7102 1.3562 2.4761
DH,512bits 43 0.0082 0.015
DH,768bits 450 0.0859 0.1569
DH,8192bits 2 0.0004 0.0007
ECDH,B-571,570bits 1628 0.3109 0.3918
ECDH,K-163,163bits 1 0.0002 0.0002
ECDH,K-571,570bits 1 0.0002 0.0002
ECDH,P-192,192bits 8 0.0015 0.0019
ECDH,P-224,224bits 71 0.0136 0.0171
ECDH,P-256,256bits 402982 76.9552 96.9884
ECDH,P-384,384bits 2860 0.5462 0.6883
ECDH,P-521,521bits 8826 1.6855 2.1242
Prefer DH,1024bits 59986 11.4552 20.9143
Prefer DH,1536bits 1 0.0002 0.0003
Prefer DH,2048bits 9957 1.9014 3.4715
Prefer DH,3072bits 13 0.0025 0.0045
Prefer DH,4096bits 345 0.0659 0.1203
Prefer DH,768bits 65 0.0124 0.0227
Prefer ECDH,B-571,570bits 1429 0.2729 0.3439
Prefer ECDH,K-163,163bits 1 0.0002 0.0002
Prefer ECDH,K-571,570bits 1 0.0002 0.0002
Prefer ECDH,P-224,224bits 55 0.0105 0.0132
Prefer ECDH,P-256,256bits 358890 68.5352 86.3765
Prefer ECDH,P-384,384bits 2659 0.5078 0.64
Prefer ECDH,P-521,521bits 7931 1.5145 1.9088
Prefer PFS 441333 84.2789 0
Support PFS 483285 92.2902 0
Supported ECC curves Count Percent
-------------------------+---------+--------
brainpoolP256r1 1825 0.3485
brainpoolP384r1 1827 0.3489
brainpoolP512r1 1828 0.3491
prime192v1 1461 0.279
prime256v1 413390 78.9427
prime256v1 Only 360620 68.8656
secp160k1 1415 0.2702
secp160r1 1422 0.2716
secp160r2 1414 0.27
secp192k1 1433 0.2737
secp224k1 1489 0.2843
secp224r1 3846 0.7344
secp256k1 3218 0.6145
secp384r1 53089 10.1381
secp384r1 Only 364 0.0695
secp521r1 22417 4.2808
secp521r1 Only 125 0.0239
sect163k1 1415 0.2702
sect163k1 Only 1 0.0002
sect163r1 1414 0.27
sect163r2 1414 0.27
sect193r1 1412 0.2696
sect193r2 1412 0.2696
sect233k1 1482 0.283
sect233r1 1481 0.2828
sect239k1 1481 0.2828
sect283k1 3187 0.6086
sect283r1 3187 0.6086
sect409k1 3189 0.609
sect409r1 3189 0.609
sect571k1 3201 0.6113
sect571r1 3201 0.6113
Unsupported curve fallback Count Percent
------------------------------+---------+--------
False 70006 13.3686
True 291129 55.5953
order-specific 72 0.0137
unknown 162451 31.0223
ECC curve ordering Count Percent
-------------------------+---------+--------
client 4674 0.8926
inconclusive-noecc 10 0.0019
server 409225 78.1474
unknown 109749 20.9581
TLSv1.2 PFS supported sigalgs Count Percent
------------------------------+---------+--------
ECDSA-SHA1 38366 7.3265
ECDSA-SHA1 Only 3 0.0006
ECDSA-SHA224 38357 7.3248
ECDSA-SHA256 49346 9.4233
ECDSA-SHA384 49344 9.4229
ECDSA-SHA512 49347 9.4235
ECDSA-SHA512 Only 3 0.0006
RSA-MD5 168481 32.1739
RSA-SHA1 361209 68.978
RSA-SHA1 Only 43815 8.3671
RSA-SHA224 296284 56.5797
RSA-SHA256 324294 61.9286
RSA-SHA256 Only 5869 1.1208
RSA-SHA384 297506 56.813
RSA-SHA384 Only 1 0.0002
RSA-SHA512 297620 56.8348
RSA-SHA512 Only 137 0.0262
TLSv1.2 PFS ordering Count Percent
------------------------------+---------+--------
client 238653 45.5742
indeterminate 202 0.0386
intolerant 4295 0.8202
order-fallback 10 0.0019
server 163641 31.2496
unsupported 21408 4.0882
TLSv1.2 PFS sigalg fallback Count Percent
------------------------------+---------+--------
ECDSA SHA1 38349 7.3233
ECDSA intolerant 24 0.0046
ECDSA pfs-rsa-SHA512 10983 2.0974
ECDSA soft-nopfs 1 0.0002
RSA False 167225 31.934
RSA SHA1 166732 31.8399
RSA intolerant 34038 6.5
RSA pfs-ecdsa-SHA512 5 0.001
RSA soft-nopfs 1316 0.2513
Renegotiation Count Percent
-------------------------+---------+--------
False 6661 1.272
insecure 19263 3.6785
secure 497734 95.0494
Compression Count Percent
-------------------------+---------+--------
1 (zlib compression) 9887 1.8881
False 6661 1.272
NONE 507110 96.8399
TLS session ticket hint Count Percent
-------------------------+---------+--------
1 2 0.0004
1 only 2 0.0004
2 2 0.0004
2 only 2 0.0004
5 2 0.0004
5 only 2 0.0004
10 8 0.0015
10 only 8 0.0015
15 9 0.0017
15 only 9 0.0017
30 10 0.0019
30 only 9 0.0017
60 96 0.0183
60 only 89 0.017
65 1 0.0002
65 only 1 0.0002
70 7 0.0013
75 1 0.0002
75 only 1 0.0002
100 18 0.0034
100 only 18 0.0034
120 26 0.005
120 only 26 0.005
128 3 0.0006
128 only 3 0.0006
150 2 0.0004
180 42 0.008
180 only 39 0.0074
200 1 0.0002
200 only 1 0.0002
240 12 0.0023
240 only 12 0.0023
300 242606 46.3291
300 only 238057 45.4604
302 3 0.0006
302 only 3 0.0006
360 2 0.0004
360 only 1 0.0002
400 8 0.0015
400 only 8 0.0015
420 119 0.0227
420 only 88 0.0168
480 12 0.0023
480 only 12 0.0023
500 5 0.001
500 only 5 0.001
540 1 0.0002
540 only 1 0.0002
600 25719 4.9114
600 only 25574 4.8837
700 1 0.0002
700 only 1 0.0002
720 2 0.0004
720 only 2 0.0004
840 1 0.0002
840 only 1 0.0002
900 781 0.1491
900 only 766 0.1463
960 2 0.0004
960 only 2 0.0004
1200 2230 0.4259
1200 only 2222 0.4243
1320 1 0.0002
1320 only 1 0.0002
1500 10 0.0019
1500 only 9 0.0017
1800 490 0.0936
1800 only 476 0.0909
2100 1 0.0002
2100 only 1 0.0002
2400 8 0.0015
2400 only 8 0.0015
2700 8 0.0015
2700 only 8 0.0015
3000 23 0.0044
3000 only 23 0.0044
3600 575 0.1098
3600 only 566 0.1081
3900 1 0.0002
3900 only 1 0.0002
4100 1 0.0002
4100 only 1 0.0002
4200 1 0.0002
5160 1 0.0002
5160 only 1 0.0002
5400 20 0.0038
5400 only 8 0.0015
6000 66 0.0126
6000 only 66 0.0126
7200 14981 2.8608
7200 only 14963 2.8574
10800 2576 0.4919
10800 only 2570 0.4908
14400 102 0.0195
14400 only 102 0.0195
18000 7 0.0013
18000 only 7 0.0013
21600 4999 0.9546
21600 only 4999 0.9546
25200 1 0.0002
25200 only 1 0.0002
28800 2018 0.3854
28800 only 1601 0.3057
36000 1153 0.2202
36000 only 1144 0.2185
43200 34 0.0065
43200 only 34 0.0065
60000 1 0.0002
60000 only 1 0.0002
64800 53897 10.2924
64800 only 53896 10.2922
72000 16 0.0031
72000 only 16 0.0031
84600 1 0.0002
84600 only 1 0.0002
86000 39 0.0074
86000 only 39 0.0074
86400 3516 0.6714
86400 only 3512 0.6707
100800 10300 1.9669
100800 only 10290 1.965
129600 9 0.0017
129600 only 9 0.0017
172800 6 0.0011
172800 only 6 0.0011
216000 1 0.0002
216000 only 1 0.0002
432000 2 0.0004
432000 only 2 0.0004
604800 1 0.0002
864000 4 0.0008
864000 only 4 0.0008
None 162322 30.9977
None only 157058 29.9925
Certificate sig alg Count Percent
-------------------------+---------+--------
None 11981 2.2879
ecdsa-with-SHA256 49307 9.4159
sha1WithRSAEncryption 86227 16.4663
sha256WithRSAEncryption 399420 76.275
sha384WithRSAEncryption 6 0.0011
sha512WithRSAEncryption 28 0.0053
Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 256 49343 9.4228
ECDSA 384 15 0.0029
RSA 1024 56 0.0107
RSA 10240 8 0.0015
RSA 2047 1 0.0002
RSA 2048 464934 88.7858
RSA 2049 4 0.0008
RSA 2056 4 0.0008
RSA 2058 2 0.0004
RSA 2064 2 0.0004
RSA 2084 4 0.0008
RSA 2096 2 0.0004
RSA 2408 2 0.0004
RSA 2432 1 0.0002
RSA 2480 1 0.0002
RSA 3071 1 0.0002
RSA 3072 127 0.0243
RSA 3096 2 0.0004
RSA 3248 2 0.0004
RSA 4042 1 0.0002
RSA 4048 1 0.0002
RSA 4056 25 0.0048
RSA 4069 3 0.0006
RSA 4086 2 0.0004
RSA 4092 6 0.0011
RSA 4094 1 0.0002
RSA 4096 20149 3.8477
RSA 4098 1 0.0002
RSA 8192 4 0.0008
RSA/ECDSA Dual Stack 11039 2.1081
OCSP stapling Count Percent
-------------------------+---------+--------
Supported 113302 21.6366
Unsupported 410356 78.3634
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 24244 4.6297
SSL2 Only 19 0.0036
SSL3 122263 23.3479
SSL3 Only 484 0.0924
SSL3 or TLS1 Only 69496 13.2713
SSL3 or lower Only 503 0.0961
TLS1 518406 98.9971
TLS1 Only 41584 7.9411
TLS1 or lower Only 92178 17.6027
TLS1.1 418156 79.8529
TLS1.1 Only 267 0.051
TLS1.1 or up Only 4492 0.8578
TLS1.2 428200 81.7709
TLS1.2 Only 1845 0.3523
TLS1.2, 1.0 but not 1.1 10863 2.0744
Statistics from 549280 chains provided by 697275 hosts
Server provided chains Count Percent
-------------------------+---------+-------
complete 487661 69.9381
incomplete 27391 3.9283
untrusted 182223 26.1336
Trusted chain statistics
========================
Chain length Count Percent
-------------------------+---------+-------
2 114 0.0208
3 547038 99.5918
4 2101 0.3825
5 27 0.0049
CA key size in chains Count
-------------------------+---------
ECDSA 256 48991
ECDSA 384 48992
RSA 1024 101
RSA 2045 3
RSA 2048 865095
RSA 4096 137419
Chains with CA key Count Percent
-------------------------+---------+-------
ECDSA 256 48991 8.9191
ECDSA 384 48992 8.9193
RSA 1024 99 0.018
RSA 2045 3 0.0005
RSA 2048 499889 91.008
RSA 4096 136911 24.9255
Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384 48986
sha1WithRSAEncryption 92825
sha256WithRSAEncryption 287083
sha384WithRSAEncryption 122355
sha512WithRSAEncryption 72
Eff. host cert chain LoS Count Percent
-------------------------+---------+-------
80 92922 16.9171
112 407358 74.1622
128 49000 8.9208
Root CAs Count Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 113492 20.662
(2c543cd1) GeoTrust Global CA 107601 19.5895
(eed8c118) COMODO ECC Certification Authority 48977 8.9166
(cbf06781) Go Daddy Root Certificate Authorit 47939 8.7276
(5ad8a5d6) GlobalSign Root CA 44123 8.0329
(b204d74a) VeriSign Class 3 Public Primary Ce 29359 5.345
(244b5494) DigiCert High Assurance EV Root CA 25999 4.7333
(2e4eed3c) thawte Primary Root CA 23372 4.255
(157753a5) AddTrust External CA Root 20188 3.6754
(653b494a) Baltimore CyberTrust Root 12053 2.1943
(ae8153b9) StartCom Certification Authority 9139 1.6638
(fc5a8f99) USERTrust RSA Certification Author 8775 1.5975
(3513523f) DigiCert Global Root CA 8281 1.5076
(4bfab552) Starfield Root Certificate Authori 8226 1.4976
(480720ec) GeoTrust Primary Certification Aut 5570 1.0141
Scan performed between 19th of October and 9th of November 2015
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web:
www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic