Making RAID work (dm-integrity with MD-RAID)

Two years ago, I wrote how RAID doesn’t work, as it’s unable to detect silent data corruption. We tried to see what happens if we inject data corruption and unfortunately Linux 4.16.6 wasn’t able to differentiate between hardware failures and soft failures coming from dm-integrity.

As those bugs are fixed now, let’s see how to configure Fedora or RHEL (with dracut) and Archlinux (with mkinitcpio) to automatically assemble the MD-RAID on dm-integrity volumes so that the root file system can reside on them.

Word of caution

As we’re modifying disk partitions and completely overwriting them, modifying boot-time configuration and in general performing rather complex and advanced configuration, make sure you have good and current backups of the data you care about!

Basic configuration

First, we need to prepare partitions for the volumes that will be used by dm-integrity. There are no special requirements for them, but it’s a good idea to keep them aligned to 1MiB boundaries. That’s especially important when working with SSDs or with HDDs that have 4KiB native sectors (so called Advanced Format disks). Current versions of tools like parted do that automatically.

As most hard disks do come in 4KiB sector sizes (and future replacements are only more and more likely to be like this), we need to format the partition with a 4096B sector size.

The main feature of dm-integrity is the calculation and verification of checksums, as such we need a checksum that is fast enough. To do a quick benchmark, you may use OpenSSL:

$ openssl speed md5 sha1 sha256 sha512
...
 type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
 md5             165603.90k   373152.90k   664617.35k   816564.66k   871069.01k   882553.30k
 sha1            185971.19k   427639.36k   846229.23k  1108107.61k  1228931.51k  1233747.97k
 sha256           99550.05k   219782.83k   413438.72k   517541.21k   556638.21k   559961.43k
 sha512           64932.77k   258782.93k   459379.29k   693776.04k   799465.47k   810766.90k

(Technically, we should benchmark the kernel hash performance as that’s what we’ll use, but I didn’t find an easy way to do that. Drop me a line if you know how to do it.)

As I wrote previously, by default dm-integrity uses a crc32 checksum, it’s small and possibly used by the disks themselves to check for read errors, thus we want to use something different. I’ll use SHA-1 in the following examples. You may also have good experience with BLAKE2b-256.

Finally, as the purpose of the checksums is just to detect accidental errors, not malicious changes, we don’t need the full output of the hash function. I’ve selected 8 bytes per sector (see the previous article for reasons why).

Let’s format the partitions (in this example a 4-disk RAID 6 array; switch the sda1, sdb1, sdc1 and sdd1 to the partitions you are actually using).

integritysetup format /dev/sda1 --sector-size 4096 --tag-size 8 --integrity sha1
integritysetup format /dev/sdb1 --sector-size 4096 --tag-size 8 --integrity sha1
integritysetup format /dev/sdc1 --sector-size 4096 --tag-size 8 --integrity sha1
integritysetup format /dev/sdd1 --sector-size 4096 --tag-size 8 --integrity sha1

This process will run for few hours on a modern multi-terabyte hard-drive so I suggest running them in parallel.

Once the devices are formatted we need to open them. Note: as the integritysetup superblock doesn’t save the algorithm used to calculate the checksums, you need to specify the --integrity option every time you open the device!

integritysetup open /dev/sda1 int1 -I sha1
integritysetup open /dev/sdb1 int2 -I sha1
integritysetup open /dev/sdc1 int3 -I sha1
integritysetup open /dev/sdd1 int4 -I sha1

This will create 4 block devices in the /dev/mapper directory named int1, int2, int3 and int4 (you can use other names too, like int-sda1 or such).

Opening the devices during boot

There are no ready to use standards to mount the dm-integrity volumes on boot so we need to modify the initramfs used by kernel to mount them ourselves.

Fedora

Fedora for a long time now has been using the dracut initramfs. It’s also used in RHEL-8 and CentOS 8, so the instructions for them are the same too. I’ve tested it with Fedora 31 and CentOS 8.3

Dracut uses a system of modules which automatically detect if they need to be included in the initramfs or not. After that it uses udev to detect when new devices show up and what to do with them. As such, we need to create a system of files that will automatically detect when the dm-integrity block devices show up and what to do with them (how to name the integrity device and what hash to use).

I’ve created the necessary files in the dracut-dm-integrity project on github.

As instructions in the README.md state, you need to copy the files from scripts directory to the /usr/lib/dracut/modules.d/90integrity directory. After that, edit the integrity-mount.sh to make it mount your integrity volumes. Finally, run dracut -f to include this new module in the initramfs.

Archlinux

Archlinux uses fairly simple system for construction of its initramfs. The modules live in the /usr/lib/initcpio/ directory and are enabled using the /etc/mkinitcpio.conf file.

You can find ready to use scripts in the mkinitcpio-dm-integrity repository.

Don’t forget to run mkinitcpio -P every time you edit /etc/mkinitcpio.conf!

MD-RAID creation

After restarting the system to verify that the devices are automatically opened on startup, we can create an MD RAID array on top of them.

The one special option that is beneficial to the arrays built on top of dm-integrity is specifying the size of chunk. As when writing data to dm-integrity device both the sector with data and the sector with checksums needs to be updated, performing writes large enough to update all checksums in a sector will mean that the sector with checksums doesn’t have to be read first to modify just part of it. In our example, the checksums are 8 bytes large, which means in a 4096 B sector we fit 512 checksums. So a write needs to be a multiple of: 512 (checksums in a sector) * 4096 (sector size) = 2097152 B = 2MiB, to not cause a read-modify-write operation. This option is specified in KiB, by default it’s 512KiB.

To create the MD-RAID use the following command: 

mdadm -C /dev/md0 -n 4 -l 6 --chunk 2048 --assume-clean /dev/mapper/int[1234]
(we can use --assume-clean as integrtitysetup format creates volumes initialised to all zero)

Such an MD-RAID will require the usual setup of adding its settings to /etc/mdadm.conf and regenerating the initramfs again: 

mdadm --detail --scan >> /etc/mdadm.conf
The reduced write speed caused by journaling on dm-integrity level means that making sure that the stripe_cache_size (in this case /sys/block/md0/md/stripe_cache_size) is tuned properly is even more important. In my experience setting it to at lest 4096 is a good idea and 8192 is where I see diminishing returns.

Usage

Such MD-RAID can be used as usual, as a backing device for a file system or to put the Physical Volume of an LVM2 system. One thing to note is because we created the md-integrity volumes with 4096B sectors, it presents a block device with 4096B native sectors. From what I’ve noticed, ext4 and btrfs don’t mind getting migrated from a 512B sector disk to a 4096B sector disk. The file system that did, is XFS, it refused to mount. If you still need to mount such an fs stored on such an array, you may want to use the dm-ebs module to emulate the 512B sectors. I haven’t tried it though.

If you want to create an XFS that uses such an array (4 disks in RAID 6, with 4KiB sectors and 8 byte checksums), you can use mkfs.xfs -d su=2M,sw=2 /dev/md0 to do so. That being said, with standard MD-RAID, it will automatically detect those settings.

Update 2020-10-03: in the above mkfs.xfs command there was an error, the sw option indicates number of data disks in a stripe. As we’re using RAID 6, we loose two disks to checksums, we’re using 4 disks total, so we’re left with two disks in a stripe

“Constant time” compare in Python

You may be familiar with the following piece of code to implement the constant time comparison function for strings:

def constant_time_compare(val1, val2):
    if len(val1) != len(val2):
        return False
    result = 0
    for x, y in zip(val1, val2):
        result |= x ^ y
    return result == 0

The idea behind this code is to compare all bytes of input using a flag value that will be flipped in any of the comparisons fail. Only when all the bytes were compared, is the ultimate result of the method returned. This is used to thwart attacks that use the time of processing queries to guess secret values.

Unfortunately, because of CPython specifics, this code doesn’t work for its intended purpose.

Sensitive code should always use hmac.compare_digest() method and you should not write code that needs to be side channel secure in Python.

With the tl;dr version out, let’s investigate why.

Timing side channel

Many attacks against cryptographic implementations don’t actually use maths to compromise the systems. The Bleichenbacher Million Messages attack, POODLE and Lucky 13 attacks use some kind of a side channel to guess the contents of encrypted messages, either the timing of responses or contents of responses (different TLS Alert description field values).

Side channel attacks don’t impact only cryptographic protocols, other places where secret values need to be compared to values that are controlled by attacker, like checking password equality, API tokens and HMAC value validation need to be performed in constant time too.

Already back in 00’s, differences in timing as low as 100ns could be distinguished over LAN environment. See research by Crosby at al. in Opportunities And Limits Of Remote Timing Attacks and Brumley and Boneh in Remote TIming Attacks are Practical. Currently we also have to worry about cross VM or cross-process attacks where ability to distinguish between single cycles may be possible.

Measuring timing differences

Let’s see what happens if we use the simple way to compare two strings in python, the == operator.

Benchmarking code:

import perf

setup = """
str_a = b'secret API key'

alt_s = b'XXXXXXXXXXXXXX'

str_b = str_a[:{0}] + alt_s[{0}:]

assert len(str_a) == len(str_b)
"""

fun = """str_a == str_b"""

if __name__ == "__main__":
    total_runs = 128
    runs_per_process = 4
    runner = perf.Runner(values=runs_per_process,
                         warmups=16,
                         processes=total_runs//runs_per_process)
    vals = list(range(14))  # length of str_a
    for delta in vals:
        runner.timeit("eq_cmp delta={0:#04x}".format(delta),
                      fun,
                      setup=setup.format(delta))

Running it will simulate what timings does the attacker see when the difference from the expected value is at different positions in the attacker provided string.

PYTHONHASHSEED=1 python3 timing-eq_cmp-perf.py \
-o timing-eq_cmp-perf-1.py --fast

.................
eq_cmp delta=0x00: Mean +- std dev: 18.4 ns +- 0.0 ns
.................
eq_cmp delta=0x01: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x02: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x03: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x04: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x05: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x06: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x07: Mean +- std dev: 20.8 ns +- 0.0 ns
.................
eq_cmp delta=0x08: Mean +- std dev: 21.3 ns +- 0.0 ns
.................
eq_cmp delta=0x09: Mean +- std dev: 21.3 ns +- 0.0 ns
.................
eq_cmp delta=0x0a: Mean +- std dev: 21.3 ns +- 0.0 ns
.................
eq_cmp delta=0x0b: Mean +- std dev: 21.3 ns +- 0.0 ns
.................
eq_cmp delta=0x0c: Mean +- std dev: 21.3 ns +- 0.0 ns
.................
eq_cmp delta=0x0d: Mean +- std dev: 21.3 ns +- 0.0 ns

Already we can see that the difference in timing when the first different byte is at fist position or the second position is quite huge, looking at a box plot of the specific values makes it quite obvious:

a = read.csv(file="timing-eq_cmp-perf-1.csv", header=FALSE)
data = as.matrix(a)
boxplot(t(data))

timing-eq_cmp-perf-1-boxplot

Let’s see how does it compare to the "constant_time"_compare. First the code:

import perf

setup = """
def constant_time_compare(val1, val2):
    if len(val1) != len(val2):
        return False
    result = 0
    for x, y in zip(val1, val2):
        result |= x ^ y
    return result == 0

str_a = b'secret API key'

alt_s = b'XXXXXXXXXXXXXX'

str_b = str_a[:{0}] + alt_s[{0}:]

assert len(str_a) == len(str_b)
"""

fun = """constant_time_compare(str_a, str_b)"""

if __name__ == "__main__":
    total_runs = 128
    runs_per_process = 4
    runner = perf.Runner(values=runs_per_process,
                         warmups=16,
                         processes=total_runs//runs_per_process)
    vals = list(range(14))  # length of str_a
    for delta in vals:
        runner.timeit("ct_eq_cmp delta={0:#04x}".format(delta),
                      fun,
                      setup=setup.format(delta))

The test run:

PYTHONHASHSEED=1 python3 timing-ct_eq_cmp-perf.py \
-o timing-ct_eq_cmp-perf-1.json --fast

.................
ct_eq_cmp delta=0x00: Mean +- std dev: 1.36 us +- 0.02 us
.................
ct_eq_cmp delta=0x01: Mean +- std dev: 1.37 us +- 0.01 us
.................
ct_eq_cmp delta=0x02: Mean +- std dev: 1.37 us +- 0.01 us
.................
ct_eq_cmp delta=0x03: Mean +- std dev: 1.37 us +- 0.01 us
.................
ct_eq_cmp delta=0x04: Mean +- std dev: 1.37 us +- 0.01 us
.................
ct_eq_cmp delta=0x05: Mean +- std dev: 1.37 us +- 0.00 us
.................
ct_eq_cmp delta=0x06: Mean +- std dev: 1.36 us +- 0.01 us
.................
ct_eq_cmp delta=0x07: Mean +- std dev: 1.35 us +- 0.01 us
.................
ct_eq_cmp delta=0x08: Mean +- std dev: 1.35 us +- 0.01 us
.................
ct_eq_cmp delta=0x09: Mean +- std dev: 1.34 us +- 0.00 us
.................
ct_eq_cmp delta=0x0a: Mean +- std dev: 1.35 us +- 0.00 us
.................
ct_eq_cmp delta=0x0b: Mean +- std dev: 1.33 us +- 0.01 us
.................
ct_eq_cmp delta=0x0c: Mean +- std dev: 1.33 us +- 0.01 us
.................
ct_eq_cmp delta=0x0d: Mean +- std dev: 1.32 us +- 0.01 us

The results don’t look too bad, but there’s definitely a difference between the first and last one, even accounting for one standard deviation between them. Let’s see the box plot:

a = read.csv(file="timing-ct_eq_cmp-perf-1.csv", header=FALSE)
data = as.matrix(a)
boxplot(t(data))

timing-ct_eq_cmp-perf-1

That doesn’t look good. Indeed, if we compare the distributions for the different delta values using the Kolmogorov–Smirnov test, we’ll see that results for all deltas are statistically different:

a = read.csv(file="timing-ct_eq_cmp-perf-1.csv", header=FALSE)
data = as.matrix(a)
r = c()
for (i in c(1:length(data[,1]))){
  r[i] = ks.test(data[1,], data[i,])$p.value}
which(unlist(r) < 0.05/(length(data1[,1])-1))

 [1]  2  3  4  5  6  7  9 10 11 12 13 14

Which means that the distributions are statistically distinguishable. (The 0.05 p-value is divided by the amount of performed tests because we're applying the Bonferroni correction)

To make sure, we re-run the test 4 more times and check for correlation between medians (as the distributions are unimodal, median is robust statistic).

require(corrplot)

a = read.csv(file="timing-ct_eq_cmp-perf-1.csv", header=FALSE)
data = as.matrix(a)
vals = cbind(apply(data, 1, median))

for (i in 2:5) {
  name = paste("timing-ct_eq_cmp-perf-", i, ".csv", sep="")
  a = read.csv(file=name, header=FALSE)
  data = as.matrix(a)
  vals = cbind(vals, apply(data, 1, median))
}
corrplot(cor(vals, method="spearman"), method="ellipse")

timing-ct_eq_cmp-perf-corrplot
There is a very strong correlation between all the different runs, so indeed, it does look like the function is leaking timing information.
Note, we’re using the "spearman" correlation statistic as the values are not normally distributed.

Let’s compare it to the hmac.compare_digest() method:

import perf

setup = """
from hmac import compare_digest

str_a = b'secret API key'

str_b = b''.join((str_a[:{0}], b'X' * (14 - {0})))

assert len(str_a) == len(str_b)
assert len(str_a) == 14
"""

fun = """compare_digest(str_a, str_b)"""

if __name__ == "__main__":
    total_runs = 128
    runs_per_process = 4
    runner = perf.Runner(values=runs_per_process,
                         warmups=64,
                         processes=total_runs//runs_per_process)
    vals = list(range(14))  # length of str_a
    for delta in vals:
        runner.timeit("compare_digest delta={0:#04x}".format(delta),
                      fun,
                      setup=setup.format(delta))

PYTHONHASHSEED=1 python3 timing-compare_digest-perf.py \
-o timing-compare_digest-perf-1.json --rigorous

a = read.csv(file="timing-compare_digest-perf-1.csv", header=FALSE)
data = as.matrix(a)
boxplot(t(data))

timing-compare_digest-perf-1

While there is some difference that depends on where the first differing byte is, there is no difference between first and second byte, and the “step” around 8th byte is only around it (when comparing longer strings, I still see just one step at the beginning and one at the end). I have no good explanation for it. That being said, the difference between medians of the 2nd byte and 11th byte is 0.240 ns, for comparison, one cycle of the CPU (4Ghz) on which the test is running takes 0.250 ns. So I’m assuming that it is not detectable over the network, but may be detectable in cross-VM attacks.

To confirm the results I’ve run the test with simple == for 255 byte long strings and with using the hmac.compare_digest().

Results for ==:

a = read.csv(file="timing-eq_cmp-2-perf-1.csv", header=FALSE)
data = as.matrix(a)
boxplot(t(data))

timing-eq_cmp-2-perf-1.png
As expected, obvious steps that are directly dependant on the amount of matching data between the two parameters to the operator.

Results for compare_digest():

a = read.csv(file="timing-compare_digest-8-perf-1.csv", header=FALSE)
data = as.matrix(a)
boxplot(t(data), ylim=c(min(data), quantile(data, 0.99)))

timing-compare_digest-8-perf-1
They are quite noisy, but what the grouping around 2.239e-7 hints at (the thick horizontal line comprised of circles), is that the distribution is not unimodal (otherwise the outliers would look like the ones below the boxes). Let’s see what are the counts for different time bins, as in a histogram, in detail:

require("lattice")
a = read.csv(file="timing-compare_digest-8-perf-1.csv", header=FALSE)
data = as.matrix(a)
h <- hist(data, breaks=200,plot=FALSE)
breaks = c(h$breaks)
mids = c(h$mids)
hm <- rbind(hist(data[1,], breaks=breaks, plot=FALSE)$counts)
for (i in c(2:length(data[,1]))) {
  hm <- rbind(hm, hist(data[i,], breaks=breaks, plot=FALSE)$counts)}

d = data.frame(x=rep(seq(1, nrow(hm), length=nrow(hm)), ncol(hm)),
               y=rep(mids, each=nrow(hm)),
               z=c(hm))
levelplot(z~x*y, data=d, xlab="delta", ylab="time (s)",
  ylim=c(min(data), quantile(data, 0.99)))

timing-compare_digest-8-perf-1-levelplot.png
We can see now, that even though the measurements with delta between 0 and 8 and 249 and 255 look very different on the box plot, it’s more because a third mode was added to them rather than one of the other two was removed. Statistical test confirms this:

a = read.csv(file="timing-compare_digest-8-perf-1.csv", header=FALSE)
data = as.matrix(a)
r = c()
for (i in c(1:length(data[,1]))){
  r[i] = ks.test(data[19,], data[i,])$p.value}
which(unlist(r) < 0.05/nrow(data))

 [1]   1   2   3   4   5   6   7   8  36  37  38  39  41  45  46  49  50  51  52
[20]  53  54 249 250 251 252 253 254 255

(the deltas between 36 and 54 are a fluke that subsequent quick runs didn't show).

Note about benchmarking

You may have noticed that the data we have collected, has very low amounts of noise. While it is partially the result of use of the perf module instead of the timeit library module, it mostly is the result of careful system configuration.

On the benchamrking system, the following tasks were performed:

  • 3rd and 4th core were isolated
  • kernel RCU was disabled on the isolated cores
  • HyperThreading was disabled in BIOS
  • Intel TurboBoost was disabled
  • Intel power management was disabled (no C-states or P-states other than C0 were allowed)
  • CPU frequency was locked in place to 4Ghz (the nominal for the i7 4970K of the workstation used)
  • Decreasing maximum perf probe query rate to 1 per second
  • Disabling irqbalance and setting default IRQ affinity to un-isolated cores
  • ASRL disabled
  • Python hash table seed fixed

Those operations can be performed by:

  1. Adding isolcpus=2,3 rcu_nocbs=2,3 processor.max_cstate=1 idle=poll to the kernel command line
  2. Disabling HyperThreading in BIOS
  3. Running python3 -m perf system tune
  4. Disabling ASLR by running echo 0 > /proc/sys/kernel/randomize_va_space
  5. exporting the PYTHONSEED environment variable

Documentation of the perf module provides most of the explanations of the particular options, but we diverge in two places: ASLR and Python hash seed. The purpose of the perf module is to test the overall performance of a piece of Python code (and compare it to either compilation or different implementation). Because Python is a language than answers the question “what if everything was a hash table” ;), that means the names of variables, memory positions of variables or code, number of variables, and particular hash table key have significant impact on performance. But, because we are interested if an attacker is able to tell behaviour of code between two different inputs, and those two inputs will likely be processed by the same process, both the ASLR seed and the Python hash table seeds will be constant from the point of view of the attacker. To speed up finding the expected value for particular inputs I thus opted out of those randomisation mechanisms.

Expectations of behaviour

You may wonder, why is the Python code so unstable, so data dependant, if the implementation of hmac.compare_digest() is doing exactly the same thing (xor-ing the values together and then or-ing result with a guard variable)? The problem stems from the fact that the Python int and C unsigned char are vastly different data types – one is used for arbitrary precision arithmetic while the other can store just 256 unique values. Thus, even such simple operations like xor or or with two small integers are data dependant in Python.

Let’s see how much time does the Python VM need for those two small integers. (Unfortunately, it looks like perf uses the slow json module, and because it exports results after every loop iteration, after few hundred results, the export takes more time than benchmarking. To make it fast enough, and not waste few days on exporting the same data over and over again, we will use timeit module.)

Script:

import timeit
import sys
import math

setup = """
val_a = {0}

val_b = {1}
"""

fun = """val_a ^ val_b"""

def std_dev(vals):
    avg = sum(vals)/len(vals)
    sum_sq = sum((i - avg)**2 for i in vals)
    return math.sqrt(sum_sq / (len(vals) - 1))

if __name__ == "__main__":
    total_runs = 20
    runs_per_process = 3
    warmups = 16

    runner = timeit.Timer(fun, setup=setup.format(0, 0))
    number, delay = runner.autorange()
    number //= 2
    delay /= 2

    print(("will do {0} iterations per process, "
           "expecting {1:7.2} s per process")
          .format(number, delay), file=sys.stderr)
    print("warmups:", file=sys.stderr, end='')
    sys.stderr.flush()
    for _ in range(warmups):
        timeit.repeat(fun, setup=setup.format(0, 0), repeat=1,
                      number=number)
        print(".", file=sys.stderr, end='')
        sys.stderr.flush()
    print(file=sys.stderr)

    for a in range(256):
        for b in range(256):
            res = []
            for _ in range(total_runs // runs_per_process):
                # drop the first result as a local warmup
                res.extend(i / number for i in
                           timeit.repeat(fun,
                                         setup=setup.format(a, b),
                                         repeat=runs_per_process + 1,
                                         number=number)[1:])
                print(".", file=sys.stderr, end='')
                sys.stderr.flush()
                if std_dev(res)  timing-xor-2-timeit-1.csv


require("lattice")
a = read.csv(file="timing-xor-2-timeit-1.csv",
             header=FALSE, col.names=seq(1, 20),
             fill=TRUE)
data = as.matrix(a)
med = apply(data, 1, median, na.rm=TRUE)
# full lines
len = length(med)
columns = ceiling(length(med) / 256)
d = data.frame(x=rep(seq(0, 255), length.out=len, 256),
               y=rep(seq(0, 255), length.out=len, each=256),
               z=med)
my.at = seq(min(med), max(med), length=40)
levelplot(z~x*y, data=d, xlab="b", ylab="a",
          at=my.at, aspects="iso",
          colorkey=list(at=my.at, labels=list(at=my.at)))

timing-xor-2-timeit-1.png
While there few repeating patterns, there are 4 things that are of particular importance – behaviour when the two numbers are equal (the lighter diagonal), when both are zero, or when one of the operands is zero. The difference between the background and the diagonal is small, just 0.555 ns, but that translates to about 2 cycles at 4GHz. The difference between the 0, 0 and the backgrounds is even smaller, just 0.114 ns, so half a cycle. The difference between the background and the situations when the second variable is non-zero is about 2.24 ns which translates to about 9 cycles. When the first variable is non-zero and the second is, the difference is about 1.39 ns which is about 6 cycles. Here’s the zoomed in part of the graph for the small numbers:
timing-xor-2-timeit-1-zoom.png

The binary or operator is similarly dependant on values of parameters:
timing-or-timeit-1

Both of those things put together mean that using the supposedly constant time compare doesn’t actually protect against timing attacks, but rather makes them easier. The strength of the signal for different inputs is about 100 time stronger, likely allowing them even over Internet, not only over LAN (as is the case for == operator).

Anything else?

Because I started looking into those microbenchmarks to verify the “constant” time CBC MAC and pad check from tlslite-ng, needed to protect against Lucky 13 (see the very extensive article by Adam Langley on the topic), I’ve also checked if it is possible to speed up the process of hashing data. Because on the Python level we don’t have the luxury of access to lower level hash APIs, as the developers of OpenSSL have, to implement the CBC check, I wrote code that in fact calculates 256 different hmacs for every record that contains at least 256 bytes of data + padding. That means that for every record processed, the client and server actually process 64 KiB of additional data. In theory (that is, if the hmac itself is constant time), we could speed the process of checking the mac and de-padding in TLS dramatically, if we could hash the data just once, as OpenSSL is doing in its TLS implementation. You may say, “but hashes are implemented in C, surely they are constant time!”. To which I’ll answer, “what did we say about trusting assumptions?”.

Let’s see how our assumptions hold. First code that hashes all of provided data, but returns also a hash from the “middle” of data (in a TLS implementation that would be the real HMAC that we need to compare to the one from record):

import perf

setup = """
import hmac
from hashlib import sha1

def fun(digest, data, split):
    digest.update(data[:split])
    ret = digest.copy().digest()
    digest.update(data[split:])
    return ret, digest.digest()

str_a = memoryview(b'X'*256)
key = b'a' * 32

val_b = {0}

mac = hmac.new(key, digestmod=sha1)
"""

fun = """fun(mac.copy(), str_a, val_b)"""

if __name__ == "__main__":
    total_runs = 128
    runs_per_process = 4
    runner = perf.Runner(values=runs_per_process,
                         warmups=16,
                         processes=total_runs//runs_per_process)
    vals = list(range(256))  # length of str_a
    for delta in vals:
        runner.timeit("hmac split delta={0:#04x}".format(delta),
                      fun,
                      setup=setup.format(delta))

Command to gather the statistics:

PYTHONHASHSEED=1 python3 timing-hmac-split-perf.py \
-o timing-hmac-split-perf-1.json

And a way to visualise them:

require("lattice")
a = read.csv(file="timing-hmac-split-perf-1.csv", header=FALSE)
data = as.matrix(a)
h <- hist(data, breaks=200,plot=FALSE)
breaks = c(h$breaks)
mids = c(h$mids)
hm <- rbind(hist(data[1,], breaks=breaks, plot=FALSE)$counts)
for (i in c(2:length(data[,1]))) {
  hm <- rbind(hm, hist(data[i,], breaks=breaks, plot=FALSE)$counts)}

d = data.frame(x=rep(seq(1, nrow(hm), length=nrow(hm)), ncol(hm)),
               y=rep(mids, each=nrow(hm)),
               z=c(hm))
levelplot(z~x*y, data=d, xlab="delta", ylab="time (s)",
  ylim=c(min(data), quantile(data, 0.99)))

timing-hmac-split-perf-1
Besides the obvious peaks since 56th to 64th byte every 64 bytes (caused by an additional hash block that had to be padded to calculate the intermediate HMAC), there is also a dip for the first byte of the 64 byte block and a second dip for bytes between 20 and 55 of every block. Finally, when the split is about even (in that the intermediate hash is calculated over the first 120 bytes), the whole operation takes measurably longer. In short, if the position of the intermediate hash comes from the last byte of encrypted data (as it does in TLS), calculating HMAC like this has a definite sidechannel leak.

To confirm, let’s perform Kolomogorov-Smirnov test:

a = read.csv(file="timing-hmac-split-perf-1.csv", header=FALSE)
data = as.matrix(a)
r=c()
for (i in c(1:nrow(data))){
   r[i] = ks.test(data[2,], data[i,])$p.value}
which(unlist(r) < 0.05/(nrow(normalised)-1))

(we're testing against second row as the first row (for delta of 0) is obviously different from the others so all tests failing wouldn’t be unexpected)

  [1]   1  21  23  26  44  57  58  59  60  61  62  63  64  69  71  75  77  78
 [19]  80  81  82  83  92  93  94  95  96  98  99 100 103 104 109 114 118 121
 [37] 122 123 124 125 126 127 128 130 131 132 133 134 135 136 137 138 139 140
 [55] 141 142 143 144 145 146 147 160 161 163 165 169 170 171 172 173 174 175
 [73] 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 215
 [91] 217 218 249 250 251 252 253 254 255 256

Quite obviously different, even with just 128 samples per delta value.

Summary

Moral of the story is, don’t use something without testing if it behaves as it claims to. If it does have tests, verify that they check your expectations, not only the programmers that wrote it in the first place.

State your assumptions and test them. If values look similar, measure them multiple times, and use statistical methods to compare them.

Test setup

Tests were performed, as previously mentioned, on an Intel i7 4790K CPU. The system was running Linux 4.17.5-1-ARCH with Python 3.6.6-1 and perf 1.5.1 from Archlinux.

Conversion from json files to csv files was performed using json-to-csv.py script available at the testing repo, together with raw results, at github.

Post scriptum

Other operations on integers, including equality are also not constant time:

import timeit
import sys
import math


setup = """
val_a = {0}

val_b = {1}
"""


fun = """val_a == val_b"""


def std_dev(vals):
    avg = sum(vals)/len(vals)
    sum_sq = sum((i - avg)**2 for i in vals)
    return math.sqrt(sum_sq / (len(vals) - 1))


if __name__ == "__main__":
    total_runs = 3
    runs_per_process = 3
    warmups = 16

    runner = timeit.Timer(fun, setup=setup.format(0, 0))
    number, delay = runner.autorange()
    number //= 100
    delay /= 100

    print("will do {0} iterations per process, "
          "expecting {1:7.2} s per process"
          .format(number, delay), file=sys.stderr)
    print("warmups:", file=sys.stderr, end='')
    sys.stderr.flush()
    for _ in range(warmups):
        timeit.repeat(fun, setup=setup.format(0, 0), repeat=1,
                      number=number)
        print(".", file=sys.stderr, end='')
        sys.stderr.flush()
    print(file=sys.stderr)

    for a in range(256):
        for b in range(256):
            res = []
            for _ in range(total_runs // runs_per_process):
                # drop the first result as a local warmup
                res.extend(i / number for i in
                           timeit.repeat(fun,
                                         setup=setup.format(a, b),
                                         repeat=runs_per_process+1,
                                         number=number)[1:])
                print(".", file=sys.stderr, end='')
                sys.stderr.flush()
                if std_dev(res)  timing-eq-timeit-1.csv

Execution:

PYTHONHASHSEED=1 taskset -c 2 python3 \
-u timing-eq-timeit.py > timing-eq-timeit-1.csv

Code to create the graph:

require("lattice")
a = read.csv(file="timing-eq-timeit-1.csv", header=FALSE,
             col.names=seq(1, 20), fill=TRUE)
data = as.matrix(a)
med = apply(data, 1, median, na.rm=TRUE)
# full lines
len = length(med)
columns = ceiling(length(med) / 256)
d = data.frame(x=rep(seq(0, 255), length.out=len, 256),
               y=rep(seq(0, 255), length.out=len, each=256),
               z=med)
my.at = seq(min(med), max(med), length=40)
levelplot(z~x*y, data=d, xlab="b", ylab="a",
          at=my.at, colorkey=list(at=my.at, labels=list(at=my.at)))

timing-eq-timeit-1
So it looks to me like the xor operation is actually one of the more constant time primitives…

RAID doesn’t work!

Now, that we have the clickbaity title out of the way, let’s talk about data integrity. Specifically, disk data integrity on Linux.

RAID, or as it is less well known, Redundant Array of Independent Disks is a way to make the stored data more resilient against disk failure. Unfortunately it does not work against silent data corruption, which in studies from CERN were present in the 10-7 range, other studies have also shown non-negligible rates of data corruption.

You may say, OK, I understand fixing it doesn’t work for RAID 1 with just two copies, or with RAID 5, as you don’t know which data is correct – as any one of them can be – surely the system is more clever if it has RAID 6 or 3 drives in RAID! Again, unfortunately it isn’t so. Careful reading of the md(4) man page will reveal this fragment:

If check was used, then no action is taken to handle the mismatch, it is simply recorded. If repair was used, then a mismatch will be repaired in the same way that resync repairs arrays. For RAID5/RAID6 new parity blocks are written. For RAID1/RAID10, all but one block are overwritten with the content of that one block.

In other words, the RAID depends on the disks telling the truth: if it can’t read data, it needs to return I/O error, not return garbage. But as we’ve established, this isn’t the way disks behave.

Now you may say, but I use disk encryption! Surely encryption will detect this data modification and prevent use of damaged/changed data! Again, this is not the property of either AES in XTS mode or in CBC mode â€“ the standard modes of encryption for disk drives – those are so-called malleable encryption modes. There is no way to detect ciphertext modification for them in general case.

This was one of the main reasons behind Btrfs and ZFS; checksumming all data and metadata so that detection of such incorrect blocks could be possible (so that at the very least this corruption is detected and doesn’t reach the application) and with addition of the in-build RAID levels, also corrected.

What if you don’t want to (or likely can’t, in case of ZFS) use either of them? Until recently, there was not much you could do. Introduction of the dm-integrity target has changed that though.

Using dm-integrity in LUKS

dm-integrity target is best integrated with LUKS disk encryption.

To enable it, the device needs to be formatted as a LUKS2 device, and integrity mechanism needs to be specified:

cryptsetup luksFormat --type luks2 --integrity hmac-sha256 \
--sector-size 4096 /dev/example/ciphertext

(Other options include --integrity hmac-sha512 and --cipher chacha20-random --integrity poly1305. Smaller tags will be discussed below)

which then can be opened as a regular LUKS device:

cryptsetup open --type luks /dev/example/ciphertext plaintext

This will create a /dev/mapper/plaintext device that is encrypted and integrity protected.
And the /dev/mapper/plaintext_dif that provides storage for authentication tags.

Note that the integrity device will report (none) as the integrity mechanism:

integritysetup status plaintext_dif

/dev/mapper/plaintext_dif is active and is in use.
type:    INTEGRITY
tag size: 32
integrity: (none)
device:  /dev/mapper/example-ciphertext
sector size:  4096 bytes
interleave sectors: 32768
size:    2056456 sectors
mode:    read/write
journal size: 8380416 bytes
journal watermark: 50%
journal commit time: 10000 ms

This is expected, as LUKS passes the encryption tags from a higher level and dm-integrity is only used to store them. This can be verified with cryptsetup:

cryptsetup status /dev/mapper/plaintext

/dev/mapper/plaintext is active.
type:    LUKS2
cipher:  aes-xts-plain64
keysize: 512 bits
key location: keyring
integrity: hmac(sha256)
integrity keysize: 256 bits
device:  /dev/mapper/example-ciphertext
sector size:  4096
offset:  0 sectors
size:    2056456 sectors
mode:    read/write

The device can be removed (while preserving data, but making it inaccessible without providing password again) using cryptsetup:

cryptsetup close /dev/mapper/plaintext

Testing

To test if the verification works correctly, first let’s verify that the whole device is readable:

dd if=/dev/mapper/plaintext of=/dev/null bs=$((4096*256)) \
status=progress

988807168 bytes (989 MB, 943 MiB) copied, 6 s, 165 MB/s
1004+1 records in
1004+1 records out
1052905472 bytes (1.1 GB, 1004 MiB) copied, 6.28939 s, 167 MB/s

Now, let’s close the device and check if the block looks random, and overwrite it:

cryptsetup close /dev/mapper/plaintext
dd if=/dev/example/ciphertext bs=4096 skip=$((512*1024*1024/4096)) \
count=1 status=none | hexdump -C | head

00000000  70 a1 1d f7 da ae 04 d2  d5 f1 ed 6e ba 96 81 7a  |p..........n...z|
00000010  90 c9 7c e7 01 95 2b 12  ed fc 46 fb 0c d7 24 dd  |..|...+...F...$.|
00000020  48 a2 17 7a 17 9f 26 d8  ef ca 97 74 6e 56 2b 55  |H..z..&....tnV+U|
00000030  59 60 6c 72 e1 5d 14 b3  00 f9 70 e8 f3 31 5e 6f  |Y`lr.]....p..1^o|
00000040  c7 98 c8 e0 e0 f6 52 d3  36 07 34 93 59 42 98 12  |......R.6.4.YB..|
00000050  a8 44 f4 fa 13 94 d6 30  5d 88 ee 79 4c 99 7a a8  |.D.....0]..yL.z.|
00000060  cd 35 87 52 07 66 74 68  9e 61 2e 26 c3 74 67 91  |.5.R.fth.a.&.tg.|
00000070  33 57 21 61 44 b4 2e 31  a6 61 90 3f 04 d9 5e f3  |3W!aD..1.a.?..^.|
00000080  46 dc 2c c5 cb 50 1a b4  3a b5 4d 4d ee d3 0f fd  |F.,..P..:.MM....|
00000090  be 6c 5f 3a b6 f9 b3 f3  21 ac 6b cf dd f0 2e 3b  |.l_:....!.k....;|

Yep, looks random (and will look different for every newly formatted LUKS volume).

dd if=/dev/zero of=/dev/example/ciphertext bs=4096 \
seek=$((512*1024*1024/4096)) count=1
dd if=/dev/example/ciphertext bs=4096 skip=$((512*1024*1024/4096)) \
count=1 status=none | hexdump -C | head

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00001000

Not any more.

What happens when we try to read it now?

cryptsetup open --type luks /dev/example/ciphertext plaintext
dd if=/dev/mapper/plaintext of=/dev/null bs=$((4096*256)) \
status=progress

464519168 bytes (465 MB, 443 MiB) copied, 2 s, 232 MB/s
dd: error reading '/dev/mapper/example': Input/output error
496+1 records in
496+1 records out
520097792 bytes (520 MB, 496 MiB) copied, 2.43931 s, 213 MB/s

Exactly as expected, after reading about 0.5GiB of data, we get an I/O error.
(Re-writing the sector will cause checksum recalculation and will clear the error.)

Repeating the experiment without --integrity is left as an exercise for the reader

Standalone dm-integrity setup

By default, integritysetup will use crc32 which is quite fast and small (requiring just 4 bytes per block). This gives probability of random corruption not being detected of about 2^{-32} (as the value of the CRC and the data will be independently selected). Please remember that this is on top of the silent corruption of the hard drive; i.e. if the HDD has a probability of returning malformed data of 10^{-7} then probability of malformed data reaching upper layer is 10^-7 \cdot 2^-32 \approx 2^{-55} \approx 10^{-16}. There is a hidden assumption in this though – that the malformed data returned by the disk has uniform distribution, I don’t know if that is typical and was unable to find more information on this topic. If it is not uniformly distributed, the failure rate for crc32 may be higher. More research is necessary in this area.

In case that probability is unsatisfactory, it’s possible to use any of the hashes supported by the kernel and listed in the /proc/crypto system file, sha1, sha256, hmac-sha1 and hmac-sha256 being the more interesting ones.

Example configuration would look like this:

integritysetup format --progress-frequency 5 --integrity sha1 \
--tag-size 20 --sector-size 4096 /dev/example/raw-1

Formatted with tag size 20, internal integrity sha1.
Wiping device to initialize integrity checksum.
You can interrupt this by pressing CTRL+c (rest of not wiped device will contain invalid checksum).
Progress:   7.5%, ETA 01:04,   76 MiB written, speed  14.5 MiB/s
Progress:  17.2%, ETA 00:49,  173 MiB written, speed  16.8 MiB/s
Progress:  25.5%, ETA 00:45,  257 MiB written, speed  16.6 MiB/s
Progress:  32.5%, ETA 00:42,  328 MiB written, speed  16.0 MiB/s
Progress:  42.1%, ETA 00:35,  424 MiB written, speed  16.5 MiB/s
Progress:  51.2%, ETA 00:29,  516 MiB written, speed  16.8 MiB/s
Progress:  58.5%, ETA 00:25,  590 MiB written, speed  16.4 MiB/s
Progress:  68.6%, ETA 00:18,  692 MiB written, speed  16.9 MiB/s
Progress:  77.3%, ETA 00:13,  779 MiB written, speed  17.0 MiB/s
Progress:  84.3%, ETA 00:09,  850 MiB written, speed  16.6 MiB/s
Progress:  93.9%, ETA 00:03,  947 MiB written, speed  16.9 MiB/s
Finished, time 00:59.485, 1008 MiB written, speed  16.9 MiB/s

A new device is created with the open subcommand:

integritysetup open --integrity-no-journal --integrity sha1 \
/dev/example/raw-1 integr-1
integritysetup status integr-1

/dev/mapper/integr-1 is active.
type:    INTEGRITY
tag size: 20
integrity: sha1
device:  /dev/mapper/example-raw--1
sector size:  4096 bytes
interleave sectors: 32768
size:    2064688 sectors
mode:    read/write
journal: not active

(note that in line 4 we now have sha1 instead of (none))

If we want to cryptographically verify the integrity of the data, we will need to use an HMAC though.
Setting it up is fairly similar, but will require a key file (note: this key needs to remain secret for the algorithm to be cryptographically secure).

dd if=/dev/urandom of=hmac-key bs=1 count=20 status=none
integritysetup format --progress-frequency 5 --integrity hmac-sha1 \
--tag-size 20 --integrity-key-size 20 --integrity-key-file hmac-key \
--no-wipe --sector-size 4096 /dev/example/raw-1
integritysetup open --integrity-no-journal --integrity hmac-sha1 \
--integrity-key-size 20 --integrity-key-file hmac-key \
/dev/example/raw-1 integr-1
dd if=/dev/zero of=/dev/mapper/integr-1 bs=$((4096*32768))
integritysetup status integr-1

Formatted with tag size 20, internal integrity hmac-sha1.
dd: error writing '/dev/mapper/integr-1': No space left on device
8+0 records in
7+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 9.45404 s, 112 MB/s
/dev/mapper/integr-1 is active.
type:    INTEGRITY
tag size: 20
integrity: hmac(sha1)
device:  /dev/mapper/example-raw--1
sector size:  4096 bytes
interleave sectors: 32768
size:    2064688 sectors
mode:    read/write
journal: not active

(this time I’ve used --no-wipe as dd from /dev/zero is much faster)

Combined mdadm and dm-integrity

Now that we know how to set up dm-integrity devices and that they work as advertised, let’s see if that indeed will prevent silent data corruption and provide automatic recovery with Linux RAID infrastructure.

For this setup I’ll be using files to make it easier to reproduce the results (integritysetup configures loop devices automatically).

RAID 5

Setup

First let’s initialise the dm-integrity targets:

SIZE=$((1024*1024*1024))
COUNT=6
for i in $(seq $COUNT); do
truncate -s $SIZE "raw-$i"
integritysetup format --integrity sha1 --tag-size 16 \
--sector-size 4096 --no-wipe "./raw-$i"
integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-$i" "integr-$i"
dd if=/dev/zero "of=/dev/mapper/integr-$i" bs=$((4096*512)) || :
done

Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-1': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 5.119 s, 207 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-2': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 6.37586 s, 166 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-3': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 6.18465 s, 171 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-4': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 6.32175 s, 167 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-5': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 5.94098 s, 178 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-6': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 6.73871 s, 157 MB/s

Then set up the RAID-5 device and wait for initialisation.

mdadm --create /dev/md/robust -n$COUNT --level=5 \
$(seq --format "/dev/mapper/integr-%.0f" $COUNT)
mdadm --wait /dev/md/robust && echo ready

mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md/robust started.
ready

Single failure

To make sure that we do not work from cache, stop the array, clear cache, and then overwrite half of one of the drives:

mdadm --stop /dev/md/robust
integritysetup close integr-1
tr '\000' '\377' < /dev/zero | dd of=raw-1 bs=4096 \
seek=$((SIZE/4096/2)) count=$((SIZE/4096/2-256)) \
conv=notrunc status=progress

mdadm: stopped /dev/md/robust
415428608 bytes (415 MB, 396 MiB) copied, 1 s, 413 MB/s
131008+0 records in
131008+0 records out
536608768 bytes (537 MB, 512 MiB) copied, 1.49256 s, 360 MB/s

(As we’re not encrypting data, the 00’s actually are on the disk, so we need to write something else, 0xff in this case. Also, we’re skipping last 1MiB of data as that’s where RAID superblock lives and recovery of it is a completely different kettle of fish.)

Restart the array:

integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-1" "integr-1"
mdadm --assemble /dev/md/robust $(seq --format \
"/dev/mapper/integr-%.0f" $COUNT)

mdadm: /dev/md/robust has been started with 6 drives.

Verify that all data is readable and that it has expected values (all zero):

hexdump -C /dev/md/robust

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
13ab00000

Additionally you can verify that the errors were reported to the MD layer.
First, run ls -l /dev/md/robust to get to know the number of the md, then use it in the following command instead of 127:

grep . /sys/block/md127/md/dev-*/errors

/sys/block/md127/md/dev-dm-14/errors:867024
/sys/block/md127/md/dev-dm-15/errors:0
/sys/block/md127/md/dev-dm-16/errors:0
/sys/block/md127/md/dev-dm-17/errors:0
/sys/block/md127/md/dev-dm-18/errors:0
/sys/block/md127/md/dev-dm-19/errors:0

Scrub the volume to fix all bad blocks:

mdadm --action=repair /dev/md/robust
mdadm --wait /dev/md/robust && echo ready

ready

And verify that all the incorrect blocks were rewritten/corrected:

dd if=/dev/mapper/integr-1 bs=4096 of=/dev/null status=progress

864800768 bytes (865 MB, 825 MiB) copied, 4 s, 216 MB/s
258086+0 records in
258086+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 4.68922 s, 225 MB/s

Double failure

Let’s see what happens if two drives return I/O error for the same area. Let’s introduce the errors:

mdadm --stop /dev/md/robust
integritysetup close integr-1
integritysetup close integr-2
tr '\000' '\377' < /dev/zero | dd of=raw-1 bs=4096 \
seek=$((SIZE/4096/2)) count=$((100*1025*1024/4096)) \
conv=notrunc status=none
tr '\000' '\377' < /dev/zero | dd of=raw-2 bs=4096 \
seek=$((SIZE/4096/2)) count=$((100*1025*1024/4096)) \
conv=notrunc status=none

mdadm: stopped /dev/md/robust

Then restart the array

integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-1" "integr-1"
integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-2" "integr-2"
mdadm --assemble /dev/md/robust $(seq --format \
"/dev/mapper/integr-%.0f" $COUNT)

mdadm: /dev/md/robust has been started with 6 drives.

Let’s verify:

hexdump -C /dev/md/robust

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
hexdump: /dev/md/robust: Input/output error
9c026000

As expected, we’ve received an I/O error. Additionally if we look at the status of the array, we’ll see that it has become degraded:

Personalities : [raid10] [raid6] [raid5] [raid4]
md127 : active raid5 dm-14[0](F) dm-19[6] dm-18[4] dm-17[3] dm-16[2] dm-15[1]
5155840 blocks super 1.2 level 5, 512k chunk, algorithm 2 [6/5] [_UUUUU]

This is most likely because the kernel will re-try to read the sectors, but if it receives a set number of read errors it cannot correct (see max_read_errors in md directory), it will kick the disk out of the array. Probably suboptimal given this setup – knowing the error came from software not hardware would mean that kicking the disk from the RAID won’t change anything.

Clean-up

mdadm --stop /dev/md/robust
for i in $(seq $COUNT); do
integritysetup close "integr-$i"
done

RAID 6

Let’s now try with RAID 6, that is, with double redundancy.

set-up:

for i in $(seq $COUNT); do
truncate -s $SIZE "raw-$i"
integritysetup format --integrity sha1 --tag-size 16 \
--sector-size 4096 --no-wipe "./raw-$i"
integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-$i" "integr-$i"
dd if=/dev/zero "of=/dev/mapper/integr-$i" bs=$((4096*512)) || :
done

Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-1': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 4.8998 s, 216 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-2': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 7.21848 s, 146 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-3': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 7.85458 s, 135 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-4': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 7.48937 s, 141 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-5': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 7.30369 s, 145 MB/s
Formatted with tag size 16, internal integrity sha1.
dd: error writing '/dev/mapper/integr-6': No space left on device
505+0 records in
504+0 records out
1057120256 bytes (1.1 GB, 1008 MiB) copied, 7.05441 s, 150 MB/s

RAID initialization:

mdadm --create /dev/md/robust -n$COUNT --level=6 \
$(seq --format "/dev/mapper/integr-%.0f" $COUNT)
mdadm --wait /dev/md/robust && echo ready

ready

Single failure

mdadm --stop /dev/md/robust
integritysetup close integr-1
tr '\000' '\377' < /dev/zero | dd of=raw-1 bs=4096 \
seek=$((SIZE/4096/2)) count=$((SIZE/4096/2-256)) \
conv=notrunc status=progress

mdadm: stopped /dev/md/robust
415428608 bytes (415 MB, 396 MiB) copied, 1 s, 413 MB/s
131008+0 records in
131008+0 records out
536608768 bytes (537 MB, 512 MiB) copied, 1.49256 s, 360 MB/s

Restart the array:

integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-1" "integr-1"
mdadm --assemble /dev/md/robust $(seq --format \
"/dev/mapper/integr-%.0f" $COUNT)

mdadm: /dev/md/robust has been started with 6 drives.

Verify that all data is readable and that it has expected values (all zero):

hexdump -C /dev/md/robust

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
fbc00000

Good. And let’s check the status of the array:

Personalities : [raid10] [raid6] [raid5] [raid4]
md127 : active raid6 dm-19[5] dm-18[4] dm-17[3] dm-16[2] dm-15[1] dm-14[0](F)
4124672 blocks super 1.2 level 6, 512k chunk, algorithm 2 [6/5] [_UUUUU]

Not good, looks like the raid6 target has a different way of handling I/O errors than the raid5 one and even if the failures are correctible, the array is degraded.

Double failure

Faults introduction:

mdadm --stop /dev/md/robust
integritysetup close integr-1
integritysetup close integr-2
tr '\000' '\377' < /dev/zero | dd of=raw-1 bs=4096 \
seek=$((SIZE/4096/2)) count=$((100*1025*1024/4096)) \
conv=notrunc status=none
tr '\000' '\377' < /dev/zero | dd of=raw-2 bs=4096 \
seek=$((SIZE/4096/2)) count=$((100*1025*1024/4096)) \
conv=notrunc status=none

mdadm: stopped /dev/md/robust

Restart:

integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-1" "integr-1"
integritysetup open --integrity-no-journal --integrity \
sha1 "./raw-2" "integr-2"
mdadm --assemble /dev/md/robust $(seq --format \
"/dev/mapper/integr-%.0f" $COUNT)

mdadm: /dev/md/robust has been started with 6 drives.

Verify:

hexdump -C /dev/md/robust

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
fbc00000

so far so good

Personalities : [raid10] [raid6] [raid5] [raid4]
md127 : active raid6 dm-14[0](F) dm-19[5] dm-18[4] dm-17[3] dm-16[2] dm-15[1](F)
4124672 blocks super 1.2 level 6, 512k chunk, algorithm 2 [6/4] [__UUUU]

not so good, both disks were marked as faulty in the array…

Clean-up

mdadm --stop /dev/md/robust
for i in $(seq $COUNT); do
integritysetup close "integr-$i"
rm "raw-$i"
done

Summary

While the functionality necessary to provide detection and correction of silent data corruption is available in the Linux kernel, the implementation likely will need few tweaks to not excerbate situations where the hardware is physically failing, not just returning garbage. Passing additional metadata about the I/O errors from the dm-integrity layer to the md layer could be a potential solution.

Update: This bug has been fixed in the upstream code in September 2019.

Also, this mechanism comes into play only when the hard drive technically already is failing, so at least you will know about the failure, and really, the failing disk is getting kicked out 🙂

Learn more

Data integrity protection with cryptsetup tools presentation by Milan BroĹľ at FOSDEM.

Note: Above tests were performed using 4.16.6-1-ARCH Linux kernel, mdadm 4.0-1 and cryptsetup 2.0.2-1 from ArchLinux.

Safe primes in Diffie-Hellman

Diffie-Hellman key agreement protocol uses modular exponentiation and calls for use of special prime numbers. If you ever wondered why, I’ll try to explain.

Diffie-Hellman key agreement

The “classical” Diffie-Hellman key exchange also known as Finite Field Diffie-Hellman uses one type of operation — modular exponentiation — and two secrets for two communication peers to arrive at a single shared secret.

The protocol requires a prime number and a number that is a so-called “generator” number to be known to both peers. This is usually achieved by either the server sending those values to the client (e.g. in TLS before v1.3 or in some SSH key exchange types) or by distributing them ahead of time to the peers (e.g. in IPSec and TLS 1.3).

When both peers know which parameters to use, they generate a random number, perform modular exponentiation with this random number, group generator and prime and send the result to the other party as a “key share”. That other party takes this key share and uses it as the generator to perform modular exponentiation again. The result of that second operation is the agreed key share.

If we define g as the generator, p as the prime, S_r as the server selected random, S_k as the server key share, C_r as the client selected random and C_k as the client key share, and SK being the agreed upon secret, the server performs following operations:
g^{S_r} = S_k \mod p
C_k^{S_r} = SK \mod p

Client performs following operation:
g^{C_r} = C_k \mod p
S_k^{C_r} = SK \mod p

Because (g^{C_r})^{S_r} = (g^{S_r})^{C_r} = SK \mod p both parties agree on the same SK.

Unfortunately both peers need to operate on a value provided by the other party (not necessarily trusted or authenticated) and their secret value at the same time. This calls for the the prime number used to have some special properties.

Modular exponentiation

The basic operation we’ll be dealing with is modular exponentiation. The simple way to explain it is that we take a number, raise it to some power. Then we take that result and divide it by a third number. The remainder of that division is our result.

For 2^10 mod 12, the calculation will go as follows, first exponentiation:

2^10 = 1024

Then division:

1024 = 85*12 + 4

So the result is 4.

One of the interesting properties of modular exponentiation, is that it is cyclic. If we take a base number and start raising it to higher and higher powers, we will be getting the same numbers in the same order:

$ python powmod.py -g 3 -m 14 -e 28
3^0  mod 14 = 1
3^1  mod 14 = 3
3^2  mod 14 = 9
3^3  mod 14 = 13
3^4  mod 14 = 11
3^5  mod 14 = 5
3^6  mod 14 = 1
3^7  mod 14 = 3
3^8  mod 14 = 9
3^9  mod 14 = 13
3^10 mod 14 = 11
3^11 mod 14 = 5
3^12 mod 14 = 1
3^13 mod 14 = 3
3^14 mod 14 = 9
3^15 mod 14 = 13
3^16 mod 14 = 11
3^17 mod 14 = 5
3^18 mod 14 = 1
3^19 mod 14 = 3
3^20 mod 14 = 9
3^21 mod 14 = 13
3^22 mod 14 = 11
3^23 mod 14 = 5
3^24 mod 14 = 1
3^25 mod 14 = 3
3^26 mod 14 = 9
3^27 mod 14 = 13

This comes from the fact that in modulo arithmetic, for addition, subtraction, multiplication and exponentiation, the order in which the modulo operations are made does not matter; a + b mod c is equal to (a mod c + b mod c) mod c. Thus if we try to calculate the example for 3^17 mod 14 we can write it down as ((3^6 mod 14) * (3^6 mod 14) * (3^5 mod 14)) mod 14. Then the calculation is reduced to 1 * 1 * 3^5 mod 14.

The inverse of modular exponentiation is discrete logarithm, in which for a given base and modulus, we look for exponent that will result in given number:

g^x mod m = n

Where g, m and n are given, we’re looking for x.

Because there are no fast algorithms for calculating discrete logarithm, is one of the reasons we can use modulo exponentiation as the base of Diffie-Hellman algorithm.

Cyclic groups

Let’s see what happens if we start calculating results of modular exponentiation for 14 with different bases:

$ python groups.py -m 14
Groups modulo 14
g:  0, [1, 0]
g:  1, [1]
g:  2, [1, 2, 4, 8]
g:  3, [1, 3, 9, 13, 11, 5]
g:  4, [1, 4, 2, 8]
g:  5, [1, 5, 11, 13, 9, 3]
g:  6, [1, 6, 8]
g:  7, [1, 7]
g:  8, [1, 8]
g:  9, [1, 9, 11]
g: 10, [1, 10, 2, 6, 4, 12, 8]
g: 11, [1, 11, 9]
g: 12, [1, 12, 4, 6, 2, 10, 8]
g: 13, [1, 13]

Neither of the numbers can generate all of the numbers that are smaller than the integer we calculate the modulo operation with. In other words, there is no generator (in number theoretic sense) that generates the whole group.

To find such numbers, we need to start looking at prime numbers.

Cyclic groups modulo prime

Let’s see what happens for 13:

$ python groups.py -m 13
Groups modulo 13
g:  0, [1, 0]
g:  1, [1]
g:  2, [1, 2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7]
g:  3, [1, 3, 9]
g:  4, [1, 4, 3, 12, 9, 10]
g:  5, [1, 5, 12, 8]
g:  6, [1, 6, 10, 8, 9, 2, 12, 7, 3, 5, 4, 11]
g:  7, [1, 7, 10, 5, 9, 11, 12, 6, 3, 8, 4, 2]
g:  8, [1, 8, 12, 5]
g:  9, [1, 9, 3]
g: 10, [1, 10, 9, 12, 3, 4]
g: 11, [1, 11, 4, 5, 3, 7, 12, 2, 9, 8, 10, 6]
g: 12, [1, 12]

The obvious result is that we now have 4 generators — 2, 6, 7 and 11 generate the whole group.

But there is other result hiding. Let’s see the results for 19, but with sizes of those groups shown:

$ python groups-ann.py -m 19
Groups modulo 19
g:   0, len:   2, [1, 0]
g:   1, len:   1, [1]
g:   2, len:  18, [1, 2, 4, 8, 16, 13, 7, 14, 9, 18, 17, 15, 11, 3, 6, 12, 5, 10]
g:   3, len:  18, [1, 3, 9, 8, 5, 15, 7, 2, 6, 18, 16, 10, 11, 14, 4, 12, 17, 13]
g:   4, len:   9, [1, 4, 16, 7, 9, 17, 11, 6, 5]
g:   5, len:   9, [1, 5, 6, 11, 17, 9, 7, 16, 4]
g:   6, len:   9, [1, 6, 17, 7, 4, 5, 11, 9, 16]
g:   7, len:   3, [1, 7, 11]
g:   8, len:   6, [1, 8, 7, 18, 11, 12]
g:   9, len:   9, [1, 9, 5, 7, 6, 16, 11, 4, 17]
g:  10, len:  18, [1, 10, 5, 12, 6, 3, 11, 15, 17, 18, 9, 14, 7, 13, 16, 8, 4, 2]
g:  11, len:   3, [1, 11, 7]
g:  12, len:   6, [1, 12, 11, 18, 7, 8]
g:  13, len:  18, [1, 13, 17, 12, 4, 14, 11, 10, 16, 18, 6, 2, 7, 15, 5, 8, 9, 3]
g:  14, len:  18, [1, 14, 6, 8, 17, 10, 7, 3, 4, 18, 5, 13, 11, 2, 9, 12, 16, 15]
g:  15, len:  18, [1, 15, 16, 12, 9, 2, 11, 13, 5, 18, 4, 3, 7, 10, 17, 8, 6, 14]
g:  16, len:   9, [1, 16, 9, 11, 5, 4, 7, 17, 6]
g:  17, len:   9, [1, 17, 4, 11, 16, 6, 7, 5, 9]
g:  18, len:   2, [1, 18]

Note that all the sizes of those groups are factors of 18 – that is p-1.

The third observation we can draw from those results is that, for any number the size of the group of the generated elements will be at most as large as the size of the base number.

With 19, if we take generator 8, the size of its subgroup is 6. But size of subgroups of 7, 18, 11 and 12 is respectively 3, 2, 3 and 6.

Thus, not only is the subgroup much smaller than the full group, it is also impossible to “escape” from it.

Safe primes

We saw that for primes, some bases are better than others (look into finite fields to learn more).

As we noticed, sizes of all groups are factors of the prime less one (see Fermat’s little theorem for proof of this). Of course, with the exception of 2, all primes are odd numbers, so p-1 will always be divisible by two – it will be a composite number. But q = (p-1)/2 doesn’t have to be composite. Indeed, we call primes for which q is also prime safe primes.

Let’s see what happens if we calculate groups of such a prime:

$ python groups-ann.py -m 23
Group sizes modulo 23
g:   0, len:   2, [1, 0]
g:   1, len:   1, [1]
g:   2, len:  11, [1, 2, 4, 8, 16, 9, 18, 13, 3, 6, 12]
g:   3, len:  11, [1, 3, 9, 4, 12, 13, 16, 2, 6, 18, 8]
g:   4, len:  11, [1, 4, 16, 18, 3, 12, 2, 8, 9, 13, 6]
g:   5, len:  22, [1, 5, 2, 10, 4, 20, 8, 17, 16, 11, 9, 22, 18, 21, 13, 19, 3, 15, 6, 7, 12, 14]
g:   6, len:  11, [1, 6, 13, 9, 8, 2, 12, 3, 18, 16, 4]
g:   7, len:  22, [1, 7, 3, 21, 9, 17, 4, 5, 12, 15, 13, 22, 16, 20, 2, 14, 6, 19, 18, 11, 8, 10]
g:   8, len:  11, [1, 8, 18, 6, 2, 16, 13, 12, 4, 9, 3]
g:   9, len:  11, [1, 9, 12, 16, 6, 8, 3, 4, 13, 2, 18]
g:  10, len:  22, [1, 10, 8, 11, 18, 19, 6, 14, 2, 20, 16, 22, 13, 15, 12, 5, 4, 17, 9, 21, 3, 7]
g:  11, len:  22, [1, 11, 6, 20, 13, 5, 9, 7, 8, 19, 2, 22, 12, 17, 3, 10, 18, 14, 16, 15, 4, 21]
g:  12, len:  11, [1, 12, 6, 3, 13, 18, 9, 16, 8, 4, 2]
g:  13, len:  11, [1, 13, 8, 12, 18, 4, 6, 9, 2, 3, 16]
g:  14, len:  22, [1, 14, 12, 7, 6, 15, 3, 19, 13, 21, 18, 22, 9, 11, 16, 17, 8, 20, 4, 10, 2, 5]
g:  15, len:  22, [1, 15, 18, 17, 2, 7, 13, 11, 4, 14, 3, 22, 8, 5, 6, 21, 16, 10, 12, 19, 9, 20]
g:  16, len:  11, [1, 16, 3, 2, 9, 6, 4, 18, 12, 8, 13]
g:  17, len:  22, [1, 17, 13, 14, 8, 21, 12, 20, 18, 7, 4, 22, 6, 10, 9, 15, 2, 11, 3, 5, 16, 19]
g:  18, len:  11, [1, 18, 2, 13, 4, 3, 8, 6, 16, 12, 9]
g:  19, len:  22, [1, 19, 16, 5, 3, 11, 2, 15, 9, 10, 6, 22, 4, 7, 18, 20, 12, 21, 8, 14, 13, 17]
g:  20, len:  22, [1, 20, 9, 19, 12, 10, 16, 21, 6, 5, 8, 22, 3, 14, 4, 11, 13, 7, 2, 17, 18, 15]
g:  21, len:  22, [1, 21, 4, 15, 16, 14, 18, 10, 3, 17, 12, 22, 2, 19, 8, 7, 9, 5, 13, 20, 6, 11]
g:  22, len:   2, [1, 22]

The groups look very different to the ones we saw previously, with the exception of bases 0, 1 and p-1, all groups are relatively large – 11 or 22 elements.

One interesting observation we can make about bases that have group order of 2q, is that even exponents will remain in a group of size 2q while odd will move to a group with order of q. Thus we can say that use of generator that is part of group order of 2q will leak the least significant bit of the exponent.

That’s why protecting against small subgroup attacks with safe primes is so easy, it requires comparing the peer’s key share against just 3 numbers. It’s also the reason why it’s impossible to “backdoor” the parameters (prime and generator), as every generator is a good generator.

January 2017 scan results

 
SSL/TLS survey of 637373 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      484513    76.0172
3DES Only                 391       0.0613
3DES Preferred            1250      0.1961
3DES forced in TLS1.1+    764       0.1199
AES                       634574    99.5609
AES Only                  82593     12.9583
AES-CBC                   633962    99.4648
AES-CBC Only              4804      0.7537
AES-GCM                   566382    88.8619
AES-GCM Only              566       0.0888
CAMELLIA                  274130    43.0094
CAMELLIA Only             9         0.0014
CHACHA20                  97871     15.3554
Insecure                  41590     6.5252
RC4                       130245    20.4347
RC4 Only                  81        0.0127
RC4 Preferred             9041      1.4185
RC4 forced in TLS1.1+     5103      0.8006
x:FF 29 3DES Only         426       0.0668
x:FF 29 3DES Preferred    1511      0.2371
x:FF 29 RC4 Only          115       0.018
x:FF 29 RC4 Preferred     10450     1.6395
x:FF 29 incompatible      555       0.0871
x:FF 35 3DES Only         434       0.0681
x:FF 35 3DES Preferred    1370      0.2149
x:FF 35 RC4 Only          120       0.0188
x:FF 35 RC4 Preferred     10457     1.6406
x:FF 35 incompatible      564       0.0885
x:FF 44 3DES Only         2702      0.4239
x:FF 44 3DES Preferred    5130      0.8049
x:FF 44 incompatible      684       0.1073
y:DHE-RSA-SEED-SHA        73930     11.5992
y:IDEA-CBC-SHA            72645     11.3976
y:SEED-SHA                85247     13.3747
z:ADH-AES128-GCM-SHA256   395       0.062
z:ADH-AES128-SHA          559       0.0877
z:ADH-AES128-SHA256       273       0.0428
z:ADH-AES256-GCM-SHA384   401       0.0629
z:ADH-AES256-SHA          608       0.0954
z:ADH-AES256-SHA256       271       0.0425
z:ADH-CAMELLIA128-SHA     323       0.0507
z:ADH-CAMELLIA256-SHA     356       0.0559
z:ADH-DES-CBC-SHA         193       0.0303
z:ADH-DES-CBC3-SHA        557       0.0874
z:ADH-RC4-MD5             409       0.0642
z:ADH-SEED-SHA            251       0.0394
z:AECDH-AES128-SHA        5936      0.9313
z:AECDH-AES256-SHA        5986      0.9392
z:AECDH-DES-CBC3-SHA      5855      0.9186
z:AECDH-NULL-SHA          63        0.0099
z:AECDH-RC4-SHA           5444      0.8541
z:DES-CBC-MD5             4272      0.6703
z:DES-CBC-SHA             27120     4.255
z:DES-CBC3-MD5            12351     1.9378
z:ECDHE-RSA-NULL-SHA      71        0.0111
z:EDH-RSA-DES-CBC-SHA     23252     3.6481
z:EXP-ADH-DES-CBC-SHA     113       0.0177
z:EXP-ADH-RC4-MD5         112       0.0176
z:EXP-DES-CBC-SHA         7366      1.1557
z:EXP-EDH-RSA-DES-CBC-SHA 5734      0.8996
z:EXP-RC2-CBC-MD5         8812      1.3825
z:EXP-RC4-MD5             9146      1.435
z:EXP1024-DES-CBC-SHA     2217      0.3478
z:EXP1024-RC4-SHA         2253      0.3535
z:IDEA-CBC-MD5            896       0.1406
z:NULL-MD5                155       0.0243
z:NULL-SHA                163       0.0256
z:NULL-SHA256             53        0.0083
z:RC2-CBC-MD5             4488      0.7041
z:RC4-64-MD5              484       0.0759

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               144465    22.6657
Server side               492908    77.3343

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       760       0.1192
AECDH                     5997      0.9409
DHE                       355271    55.7399
ECDH                      3         0.0005
ECDHE                     587716    92.2091
ECDHE and DHE             326491    51.2245
RSA                       531637    83.4107

Supported NPN protocols   Count    Percent 
-------------------------+---------+--------
HTTP/1.0                  1         0.0002   
HTTP/1.1                  1         0.0002   
None                      364799    57.2348  
None Only                 364799    57.2348  
grpc-exp                  47        0.0074   
h2                        159048    24.9537  
h2 Only                   134       0.021    
h2-12                     6         0.0009   
h2-14                     1825      0.2863   
h2-14 Only                1         0.0002   
h2-16                     81        0.0127   
h2-17                     335       0.0526   
h2-fb                     31        0.0049   
h2c                       338       0.053    
http                      1         0.0002   
http/1.0                  18066     2.8344   
http/1.1                  272686    42.7828  
http/1.1 Only             89478     14.0386  
http/2                    67        0.0105   
http/2.0                  1         0.0002   
http1.0                   14        0.0022   
http1.1                   14        0.0022   
https                     1         0.0002   
https Only                1         0.0002   
spdy                      1         0.0002   
spdy/2                    16576     2.6007   
spdy/2 Only               2         0.0003   
spdy/3                    16756     2.6289   
spdy/3.0                  1         0.0002   
spdy/3.1                  107836    16.9188  
spdy/3.1 Only             1         0.0002   
x-mod-spdy/0.9.4.1-0      1         0.0002   
x-mod-spdy/0.9.4.1-146826 2         0.0003   
x-mod-spdy/0.9.4.1-397    2         0.0003   
x-mod-spdy/0.9.4.1-4e5ad45 1         0.0002   
x-mod-spdy/0.9.4.1-6bd08c0 2         0.0003   
x-mod-spdy/0.9.4.1-df466c5 1         0.0002   
x-mod-spdy/0.9.4.1-f7ff75d 1         0.0002   
x-mod-spdy/0.9.4.2-146826 2         0.0003   
x-mod-spdy/0.9.4.2-3a57358 2         0.0003   
x-mod-spdy/0.9.4.2-413    6         0.0009   
x-mod-spdy/0.9.4.2-465a04f 1         0.0002   
x-mod-spdy/0.9.4.3-146826 301       0.0472   
x-mod-spdy/0.9.4.3-420    184       0.0289   

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               98801     15.5013  27.81
DH,2018bits               1         0.0002   0.0003
DH,2046bits               1         0.0002   0.0003
DH,2048bits               229725    36.0425  64.6619
DH,2049bits               1         0.0002   0.0003
DH,204bits                1         0.0002   0.0003
DH,2236bits               77        0.0121   0.0217
DH,2432bits               2         0.0003   0.0006
DH,3072bits               169       0.0265   0.0476
DH,3092bits               1         0.0002   0.0003
DH,4086bits               1         0.0002   0.0003
DH,4094bits               1         0.0002   0.0003
DH,4096bits               26222     4.1141   7.3808
DH,512bits                67        0.0105   0.0189
DH,768bits                268       0.042    0.0754
DH,8192bits               6         0.0009   0.0017
ECDH,B-571,570bits        6197      0.9723   1.0544
ECDH,P-192,192bits        94        0.0147   0.016
ECDH,P-224,224bits        73        0.0115   0.0124
ECDH,P-256,256bits        544826    85.4799  92.7023
ECDH,P-384,384bits        17604     2.762    2.9953
ECDH,P-521,521bits        20840     3.2697   3.5459
ECDH,brainpoolP512r1,512bits 4         0.0006   0.0007
Prefer DH,1024bits        29024     4.5537   8.1695
Prefer DH,2048bits        4648      0.7292   1.3083
Prefer DH,3072bits        11        0.0017   0.0031
Prefer DH,3092bits        1         0.0002   0.0003
Prefer DH,4096bits        462       0.0725   0.13
Prefer DH,512bits         1         0.0002   0.0003
Prefer DH,768bits         21        0.0033   0.0059
Prefer ECDH,B-571,570bits 5971      0.9368   1.016
Prefer ECDH,P-192,192bits 18        0.0028   0.0031
Prefer ECDH,P-224,224bits 71        0.0111   0.0121
Prefer ECDH,P-256,256bits 517628    81.2127  88.0745
Prefer ECDH,P-384,384bits 14365     2.2538   2.4442
Prefer ECDH,P-521,521bits 20292     3.1837   3.4527
Prefer ECDH,brainpoolP512r1,512bits 4         0.0006   0.0007
Prefer PFS                592517    92.9624  0
Support PFS               616496    96.7245  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      3         0.0005   
None Only                 3         0.0005   
brainpoolP256r1           59412     9.3214   
brainpoolP384r1           59440     9.3258   
brainpoolP512r1           59500     9.3352   
prime192v1                1292      0.2027   
prime192v1 Only           1         0.0002   
prime256v1                564796    88.6131  
prime256v1 Only           443802    69.6299  
secp160k1                 1097      0.1721   
secp160r1                 1106      0.1735   
secp160r2                 1097      0.1721   
secp192k1                 1157      0.1815   
secp224k1                 1221      0.1916   
secp224r1                 5276      0.8278   
secp256k1                 61378     9.6298   
secp384r1                 131166    20.5792  
secp384r1 Only            9007      1.4131   
secp521r1                 97741     15.335   
secp521r1 Only            148       0.0232   
sect163k1                 1097      0.1721   
sect163r1                 1097      0.1721   
sect163r2                 1097      0.1721   
sect193r1                 1096      0.172    
sect193r2                 1096      0.172    
sect233k1                 1161      0.1822   
sect233r1                 1161      0.1822   
sect239k1                 1160      0.182    
sect283k1                 60272     9.4563   
sect283k1 Only            6         0.0009   
sect283r1                 60267     9.4555   
sect409k1                 60267     9.4555   
sect409r1                 60264     9.4551   
sect571k1                 60264     9.4551   
sect571r1                 60256     9.4538   
sect571r1 Only            1         0.0002   
server                    103338    16.2131  
server Only               103338    16.2131  

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          587529    92.1798  
unknown                        49844     7.8202   

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          102230    16.0393  
client                    24176     3.7931   
server                    461313    72.3772  
unknown                   49654     7.7904   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     66350     10.4099  
ECDSA-SHA1 Only                6         0.0009   
ECDSA-SHA224                   66253     10.3947  
ECDSA-SHA256                   91830     14.4076  
ECDSA-SHA256 Only              2         0.0003   
ECDSA-SHA384                   91781     14.3999  
ECDSA-SHA512                   91764     14.3972  
ECDSA-SHA512 Only              7         0.0011   
RSA-MD5                        15908     2.4959   
RSA-SHA1                       501479    78.679   
RSA-SHA1 Only                  21952     3.4441   
RSA-SHA224                     441206    69.2226  
RSA-SHA256                     493369    77.4066  
RSA-SHA256 Only                7807      1.2249   
RSA-SHA384                     455218    71.421   
RSA-SHA384 Only                4         0.0006   
RSA-SHA512                     454163    71.2555  
RSA-SHA512 Only                194       0.0304   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         301999    47.3818  
indeterminate                  30        0.0047   
intolerant                     6430      1.0088   
order-fallback                 2         0.0003   
server                         271614    42.6146  
unsupported                    11389     1.7869   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     66251     10.3944  
ECDSA intolerant               196       0.0308   
ECDSA pfs-rsa-SHA512           25416     3.9876   
ECDSA soft-nopfs               3         0.0005   
RSA False                      15762     2.473    
RSA SHA1                       450760    70.7215  
RSA intolerant                 44240     6.941    
RSA pfs-ecdsa-SHA512           5439      0.8533   
RSA soft-nopfs                 386       0.0606   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     3581      0.5618   
insecure                  13396     2.1018   
secure                    620396    97.3364  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      4938      0.7747   
False                     3581      0.5618   
NONE                      628854    98.6634  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         1         0.0002   
1 only                    1         0.0002   
2                         2         0.0003   
2 only                    2         0.0003   
5                         4         0.0006   
5 only                    4         0.0006   
10                        6         0.0009   
10 only                   6         0.0009   
15                        9         0.0014   
15 only                   9         0.0014   
30                        27        0.0042   
30 only                   27        0.0042   
60                        164       0.0257   
60 only                   161       0.0253   
65                        2         0.0003   
65 only                   2         0.0003   
70                        10        0.0016   
70 only                   8         0.0013   
100                       19        0.003    
100 only                  19        0.003    
120                       42        0.0066   
120 only                  41        0.0064   
128                       5         0.0008   
128 only                  5         0.0008   
150                       10        0.0016   
150 only                  8         0.0013   
180                       94        0.0147   
180 only                  93        0.0146   
240                       12        0.0019   
240 only                  12        0.0019   
298                       3         0.0005   
299                       5         0.0008   
300                       307323    48.2171  
300 only                  304751    47.8136  
302                       1         0.0002   
302 only                  1         0.0002   
360                       7         0.0011   
360 only                  4         0.0006   
400                       6         0.0009   
400 only                  6         0.0009   
420                       114       0.0179   
420 only                  97        0.0152   
450                       1         0.0002   
450 only                  1         0.0002   
480                       11        0.0017   
480 only                  11        0.0017   
500                       2         0.0003   
500 only                  2         0.0003   
540                       4         0.0006   
540 only                  4         0.0006   
599                       1         0.0002   
600                       37623     5.9028   
600 only                  37455     5.8765   
700                       1         0.0002   
700 only                  1         0.0002   
720                       4         0.0006   
720 only                  4         0.0006   
800                       2         0.0003   
800 only                  2         0.0003   
840                       2         0.0003   
840 only                  2         0.0003   
900                       1989      0.3121   
900 only                  1960      0.3075   
960                       2         0.0003   
960 only                  2         0.0003   
1000                      6         0.0009   
1000 only                 6         0.0009   
1200                      4240      0.6652   
1200 only                 4236      0.6646   
1320                      1         0.0002   
1320 only                 1         0.0002   
1380                      2         0.0003   
1380 only                 2         0.0003   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      15        0.0024   
1500 only                 13        0.002    
1800                      1067      0.1674   
1800 only                 1058      0.166    
1920                      3         0.0005   
1920 only                 3         0.0005   
1980                      2         0.0003   
1980 only                 2         0.0003   
2100                      3         0.0005   
2100 only                 2         0.0003   
2400                      5         0.0008   
2400 only                 5         0.0008   
2700                      5         0.0008   
2700 only                 5         0.0008   
3000                      84        0.0132   
3000 only                 84        0.0132   
3600                      2271      0.3563   
3600 only                 2227      0.3494   
3840                      12        0.0019   
3840 only                 4         0.0006   
4200                      3         0.0005   
4200 only                 3         0.0005   
4500                      1         0.0002   
4500 only                 1         0.0002   
4800                      1         0.0002   
4800 only                 1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      11        0.0017   
5400 only                 11        0.0017   
6000                      318       0.0499   
6000 only                 306       0.048    
7000                      1         0.0002   
7000 only                 1         0.0002   
7200                      15902     2.4949   
7200 only                 15890     2.493    
7500                      2         0.0003   
7500 only                 2         0.0003   
7680                      2         0.0003   
7680 only                 2         0.0003   
8100                      2         0.0003   
8100 only                 2         0.0003   
9000                      2         0.0003   
9000 only                 2         0.0003   
10800                     6541      1.0262   
10800 only                6523      1.0234   
14400                     419       0.0657   
14400 only                413       0.0648   
14700                     1         0.0002   
14700 only                1         0.0002   
18000                     9         0.0014   
18000 only                9         0.0014   
21600                     5440      0.8535   
21600 only                5439      0.8533   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     1906      0.299    
28800 only                1906      0.299    
30000                     3         0.0005   
30000 only                2         0.0003   
36000                     1338      0.2099   
36000 only                1330      0.2087   
43200                     91        0.0143   
43200 only                91        0.0143   
54000                     1         0.0002   
54000 only                1         0.0002   
60000                     2         0.0003   
60000 only                2         0.0003   
61440                     1         0.0002   
61440 only                1         0.0002   
64799                     1         0.0002   
64800                     87126     13.6695  
64800 only                87122     13.6689  
72000                     14        0.0022   
72000 only                14        0.0022   
79200                     1         0.0002   
79200 only                1         0.0002   
86399                     1         0.0002   
86400                     4632      0.7267   
86400 only                4612      0.7236   
100798                    1         0.0002   
100799                    250       0.0392   
100800                    772       0.1211   
100800 only               509       0.0799   
129600                    15        0.0024   
129600 only               15        0.0024   
172800                    43        0.0067   
172800 only               43        0.0067   
216000                    6         0.0009   
216000 only               6         0.0009   
259200                    2         0.0003   
259200 only               2         0.0003   
432000                    1         0.0002   
432000 only               1         0.0002   
600000                    1         0.0002   
600000 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    2         0.0003   
864000 only               2         0.0003   
2419200                   1         0.0002   
2419200 only              1         0.0002   
2592000                   1         0.0002   
2592000 only              1         0.0002   
7776000                   2         0.0003   
7776000 only              2         0.0003   
None                      160458    25.1749  
None only                 157570    24.7218  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      6451      1.0121   
ecdsa-with-SHA256         89624     14.0615  
sha1WithRSAEncryption     2441      0.383    
sha256WithRSAEncryption   570649    89.5314  
sha384WithRSAEncryption   17        0.0027   
sha512WithRSAEncryption   109       0.0171   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 91762     14.3969  
ECDSA 384                 104       0.0163   
ECDSA 521                 1         0.0002   
RSA 1024                  7         0.0011   
RSA 2048                  532848    83.6007  
RSA 2049                  4         0.0006   
RSA 2056                  1         0.0002   
RSA 2058                  4         0.0006   
RSA 2059                  1         0.0002   
RSA 2060                  1         0.0002   
RSA 2084                  2         0.0003   
RSA 2086                  1         0.0002   
RSA 2096                  3         0.0005   
RSA 2432                  4         0.0006   
RSA 2480                  1         0.0002   
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3072                  214       0.0336   
RSA 3096                  2         0.0003   
RSA 3248                  3         0.0005   
RSA 4048                  2         0.0003   
RSA 4056                  8         0.0013   
RSA 4068                  2         0.0003   
RSA 4069                  2         0.0003   
RSA 4086                  2         0.0003   
RSA 4092                  2         0.0003   
RSA 4096                  39888     6.2582   
RSA 8192                  16        0.0025   
RSA 8392                  1         0.0002   
RSA/ECDSA Dual Stack      27483     4.3119

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 158110    24.8065  
Unsupported               479263    75.1935  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      12458     1.9546
SSL2 Only                 4         0.0006
SSL3                      74150     11.6337
SSL3 Only                 208       0.0326
SSL3 or TLS1 Only         33154     5.2017
SSL3 or lower Only        213       0.0334
TLS1                      619953    97.2669
TLS1 Only                 19293     3.027
TLS1 or lower Only        44790     7.0273
TLS1.1                    581621    91.2528
TLS1.1 Only               37        0.0058
TLS1.1 or up Only         17062     2.6769
TLS1.2                    591454    92.7956
TLS1.2 Only               7024      1.102
TLS1.2, 1.0 but not 1.1   3660      0.5742

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
ext:ALPN                                 7         0.0011
ext:EtM                                  19        0.003
ext:ext #38                              12        0.0019
ext:key share                            464       0.0728
ext:OCSP staple                          22        0.0035
ext:padding                              12        0.0019
ext:SNI                                  58        0.0091
last ext empty                           12        0.0019
more groups                              556       0.0872
more sigalgs                             566       0.0888
secure renego ext                        196       0.0308
secure renego scsv                       658       0.1032
size 65537                               8         0.0013
size 65540                               82        0.0129
size 65541                               537       0.0843
size 65544                               317       0.0497
size 65545                               146       0.0229
size 66741                               34        0.0053
size 131073                              466       0.0731
size 131076                              181       0.0284
size #84 e/76                            87        0.0136
size #84 e/141                           14        0.0022
size #84 e/182                           5         0.0008
size #84 e/330                           411       0.0645
size #84 e/532                           7         0.0011
size #84 e/1344                          5         0.0008
size #84 e/1356                          383       0.0601
size #84 e/1456                          10        0.0016
size #84 e/1977                          7         0.0011
size #84 e/2049                          162       0.0254
size #84 e/2053                          68        0.0107
size #84 e/2496                          5         0.0008
size #84 e/4076                          39        0.0061
size #84 e/4092                          1764      0.2768
size #84 e/4103                          21        0.0033
size #84 e/4229                          5         0.0008
size #84 e/8084                          5         0.0008
size #84 e/8156                          7         0.0011
size #84 e/8192                          11        0.0017
size #84 e/8229                          18        0.0028
size #84 e/8276                          5         0.0008
size #84 e/10095                         14        0.0022
size #84 e/10245                         4353      0.683
size #84 e/10338                         5         0.0008
size #84 e/11634                         208       0.0326
size #84 e/12288                         11        0.0017
size #84 e/12305                         14        0.0022
size #84 e/12825                         5         0.0008
size #84 e/13324                         7         0.0011
size #84 e/13451                         13        0.002
size #84 e/13466                         14        0.0022
size #84 e/13474                         17        0.0027
size #84 e/13478                         14        0.0022
size #84 e/13479                         21        0.0033
size #84 e/13480                         230       0.0361
size #84 e/13483                         5         0.0008
size #84 e/14344                         6         0.0009
size #84 e/15142                         960       0.1506
size #84 e/15180                         335       0.0526
size #84 e/15360                         8         0.0013
size #84 e/16289                         56        0.0088
size #84 e/16353                         536       0.0841
size #84 e/16366                         6         0.0009
size #84 e/16380                         28        0.0044
size #84 e/16382                         643       0.1009
size #84 e/16383                         60        0.0094
size #84 e/16384                         114       0.0179
size #84 e/16385                         26663     4.1833
size #84 e/16386                         29        0.0045
size #84 e/16387                         104       0.0163
size #84 e/16388                         190       0.0298
size #84 e/16389                         423865    66.5019
size #84 e/16392                         158124    24.8087
size #84 e/16480                         5         0.0008
size #84 e/16556                         14        0.0022
size #84 e/16562                         80        0.0126
size #84 e/16612                         9         0.0014
size #84 e/16628                         7         0.0011
size #84 e/16645                         104       0.0163
size #84 e/16740                         30        0.0047
size #84 e/16792                         5         0.0008
size #84 e/17145                         24        0.0038
size #84 e/17148                         5         0.0008
size #84 e/17182                         7         0.0011
size #84 e/17390                         26        0.0041
size #84 e/17468                         41        0.0064
size #84 e/17520                         7561      1.1863
size #84 e/17521                         47        0.0074
size #84 e/17522                         14        0.0022
size #84 e/17523                         103       0.0162
size #84 e/17524                         11        0.0017
size #84 e/17525                         8         0.0013
size #84 e/17526                         77        0.0121
size #84 e/17527                         13        0.002
size #84 e/17528                         9         0.0014
size #84 e/17529                         15        0.0024
size #84 e/17532                         79        0.0124
size #84 e/17533                         13        0.002
size #84 e/17534                         9         0.0014
size #84 e/17535                         16        0.0025
size #84 e/17536                         7         0.0011
size #84 e/17538                         12        0.0019
size #84 e/17540                         5         0.0008
size #84 e/17541                         8         0.0013
size #84 e/17542                         5         0.0008
size #84 e/17544                         49        0.0077
size #84 e/17547                         6         0.0009
size #84 e/17550                         6         0.0009
size #84 e/17556                         5         0.0008
size #84 e/17592                         7         0.0011
size #84 e/17676                         176       0.0276
size #84 e/17688                         9         0.0014
size #84 e/17706                         13        0.002
size #84 e/17736                         10        0.0016
size #84 e/17928                         32        0.005
size #84 e/18696                         7         0.0011
size #84 e/18868                         9         0.0014
size #84 e/19464                         11        0.0017
size #84 e/22536                         17        0.0027
size #84 e/32773                         123       0.0193
size #84 e/49153                         33        0.0052
size #84 e/65536                         400       0.0628
size c#/12                               486       0.0763
size c#/22                               40        0.0063
size c#/129                              1211      0.19
size c#/200                              7         0.0011
size c#/201                              68        0.0107
size c#/257                              481       0.0755
size c#/304                              8         0.0013
size c#/475                              20        0.0031
size c#/501                              153       0.024
size c#/606                              5         0.0008
size c#/612                              257       0.0403
size c#/614                              14        0.0022
size c#/653                              111       0.0174
size c#/662                              7         0.0011
size c#/943                              7         0.0011
size c#/944                              5         0.0008
size c#/958                              19        0.003
size c#/964                              13        0.002
size c#/970                              5         0.0008
size c#/998                              31        0.0049
size c#/1000                             162       0.0254
size c#/1001                             10        0.0016
size c#/1972                             29        0.0045
size c#/1979                             9         0.0014
size c#/1980                             14        0.0022
size c#/1981                             26        0.0041
size c#/1982                             55        0.0086
size c#/1983                             68        0.0107
size c#/1984                             101       0.0158
size c#/1985                             155       0.0243
size c#/1986                             159       0.0249
size c#/1987                             163       0.0256
size c#/1988                             130       0.0204
size c#/1989                             76        0.0119
size c#/1990                             28        0.0044
size c#/1991                             6         0.0009
size c#/2004                             9         0.0014
size c#/2013                             10        0.0016
size c#/2021                             771       0.121
size c#/2027                             11        0.0017
size c#/4017                             7         0.0011
size c#/4018                             12        0.0019
size c#/4019                             17        0.0027
size c#/4020                             29        0.0045
size c#/4021                             30        0.0047
size c#/4022                             25        0.0039
size c#/4023                             19        0.003
size c#/4024                             11        0.0017
size c#/4035                             133       0.0209
size c#/4053                             8         0.0013
size c#/4088                             17        0.0027
size c#/4962                             5         0.0008
size c#/5023                             14        0.0022
size c#/5056                             6         0.0009
size c#/5075                             93        0.0146
size c#/5098                             4251      0.667
size c#/5103                             5         0.0008
size c#/5751                             208       0.0326
size c#/6119                             14        0.0022
size c#/6127                             16        0.0025
size c#/6635                             5         0.0008
size c#/6636                             13        0.002
size c#/6698                             5         0.0008
size c#/6699                             14        0.0022
size c#/6707                             22        0.0035
size c#/6711                             14        0.0022
size c#/6713                             17        0.0027
size c#/6714                             14        0.0022
size c#/6715                             189       0.0297
size c#/6716                             5         0.0008
size c#/6953                             15        0.0024
size c#/6965                             70        0.011
size c#/6974                             11        0.0017
size c#/7083                             7         0.0011
size c#/7084                             7         0.0011
size c#/7085                             29        0.0045
size c#/7086                             47        0.0074
size c#/7087                             98        0.0154
size c#/7088                             167       0.0262
size c#/7089                             298       0.0468
size c#/7090                             447       0.0701
size c#/7091                             666       0.1045
size c#/7092                             813       0.1276
size c#/7093                             926       0.1453
size c#/7094                             873       0.137
size c#/7095                             743       0.1166
size c#/7096                             372       0.0584
size c#/7097                             162       0.0254
size c#/7098                             6         0.0009
size c#/7103                             6         0.0009
size c#/7104                             134       0.021
size c#/7105                             3372      0.529
size c#/7106                             177       0.0278
size c#/7107                             147994    23.2194
size c#/7235                             13        0.002
size c#/7621                             5         0.0008
size c#/7911                             5         0.0008
size c#/8107                             8         0.0013
size c#/8108                             9         0.0014
size c#/8109                             22        0.0035
size c#/8110                             67        0.0105
size c#/8111                             39        0.0061
size c#/8112                             33        0.0052
size c#/8113                             51        0.008
size c#/8114                             43        0.0067
size c#/8115                             43        0.0067
size c#/8116                             41        0.0064
size c#/8117                             28        0.0044
size c#/8118                             24        0.0038
size c#/8119                             15        0.0024
size c#/8120                             81        0.0127
size c#/8121                             33        0.0052
size c#/8122                             25        0.0039
size c#/8123                             12        0.0019
size c#/8124                             20        0.0031
size c#/8125                             43        0.0067
size c#/8126                             6099      0.9569
size c#/8127                             142       0.0223
size c#/8128                             928       0.1456
size c#/8129                             713       0.1119
size c#/8130                             1178      0.1848
size c#/8131                             2187      0.3431
size c#/8132                             3787      0.5942
size c#/8133                             6151      0.9651
size c#/8134                             8987      1.41
size c#/8135                             12276     1.926
size c#/8136                             14562     2.2847
size c#/8137                             13351     2.0947
size c#/8138                             15477     2.4282
size c#/8139                             2468      0.3872
size c#/8140                             404       0.0634
size c#/8141                             29        0.0045
size c#/8142                             24        0.0038
size c#/8143                             19        0.003
size c#/8144                             25        0.0039
size c#/8145                             6584      1.033
size c#/8146                             47        0.0074
size c#/8147                             20862     3.2731
size c#/8150                             5         0.0008
size c#/8152                             354       0.0555
size c#/8163                             5         0.0008
size c#/8164                             8         0.0013
size c#/8165                             18        0.0028
size c#/8166                             1112      0.1745
size c#/8167                             103       0.0162
size c#/8168                             12327     1.934
size c#/8169                             89        0.014
size c#/8170                             331577    52.0224
size c#/8171                             57        0.0089
size c#/8172                             70        0.011
size c#/8173                             37        0.0058
size c#/8259                             13        0.002
size c#/8298                             86        0.0135
size c#/10755                            10        0.0016
size c#/15299                            13        0.002
size c#/16362                            123       0.0193
size c#/24552                            33        0.0052
size c/74                                473       0.0742
size c/78                                9         0.0014
size c/98                                33        0.0052
size c/308                               1090      0.171
size c/312                               114       0.0179
size c/452                               65        0.0102
size c/532                               7         0.0011
size c/564                               372       0.0584
size c/568                               15        0.0024
size c/667                               6         0.0009
size c/670                               5         0.0008
size c/672                               8         0.0013
size c/673                               11        0.0017
size c/674                               7         0.0011
size c/676                               6         0.0009
size c/678                               5         0.0008
size c/681                               5         0.0008
size c/1000                              24        0.0038
size c/1052                              97        0.0152
size c/1097                              16        0.0025
size c/1135                              35        0.0055
size c/1344                              6         0.0009
size c/1356                              384       0.0602
size c/1456                              9         0.0014
size c/1977                              7         0.0011
size c/2049                              193       0.0303
size c/2052                              10        0.0016
size c/2073                              5         0.0008
size c/4076                              38        0.006
size c/4092                              1804      0.283
size c/4103                              28        0.0044
size c/8156                              8         0.0013
size c/8188                              5         0.0008
size c/8192                              10        0.0016
size c/8226                              17        0.0027
size c/10095                             14        0.0022
size c/10245                             4637      0.7275
size c/10338                             5         0.0008
size c/11634                             208       0.0326
size c/12288                             18        0.0028
size c/12304                             15        0.0024
size c/12825                             5         0.0008
size c/13320                             5         0.0008
size c/13322                             9         0.0014
size c/13448                             12        0.0019
size c/13464                             18        0.0028
size c/13472                             10        0.0016
size c/13476                             16        0.0025
size c/13478                             13        0.002
size c/13479                             19        0.003
size c/13480                             170       0.0267
size c/13481                             5         0.0008
size c/15356                             5         0.0008
size c/15360                             7         0.0011
size c/15872                             5         0.0008
size c/16082                             15        0.0024
size c/16106                             69        0.0108
size c/16124                             11        0.0017
size c/16289                             57        0.0089
size c/16353                             556       0.0872
size c/16378                             6         0.0009
size c/16380                             20        0.0031
size c/16382                             59        0.0093
size c/16383                             210       0.0329
size c/16384                             162       0.0254
size c/16385                             31300     4.9108
size c/16386                             1903      0.2986
size c/16387                             209       0.0328
size c/16388                             173       0.0271
size c/16389                             577971    90.6802
size c/16392                             29        0.0045
size c/16396                             7         0.0011
size c/16397                             8         0.0013
size c/16400                             84        0.0132
size c/16401                             64        0.01
size c/16402                             12        0.0019
size c/16404                             8         0.0013
size c/16406                             10        0.0016
size c/16408                             7183      1.127
size c/16645                             112       0.0176
size c/18502                             7         0.0011
size c/21559                             10        0.0016
size c/32769                             7         0.0011
size c/32773                             136       0.0213
size c/49153                             33        0.0052
size e#/2                                507       0.0795
size e#/4                                28        0.0044
size e#/6                                34        0.0053
size e#/8                                6         0.0009
size e#/9                                6         0.0009
size e#/16                               33        0.0052
size e#/18                               11        0.0017
size e#/33                               8         0.0013
size e#/38                               415       0.0651
size e#/39                               9         0.0014
size e#/43                               17        0.0027
size e#/52                               49        0.0077
size e#/97                               7         0.0011
size e#/300                              5         0.0008
size e#/303                              265       0.0416
size e#/322                              14        0.0022
size e#/337                              7         0.0011
size e#/338                              10        0.0016
size e#/343                              18        0.0028
size e#/346                              7         0.0011
size e#/478                              7         0.0011
size e#/491                              14        0.0022
size e#/494                              10        0.0016
size e#/497                              65        0.0102
size e#/944                              6         0.0009
size e#/983                              30        0.0047
size e#/985                              13        0.002
size e#/986                              40        0.0063
size e#/987                              121       0.019
size e#/988                              254       0.0399
size e#/989                              322       0.0505
size e#/990                              209       0.0328
size e#/991                              34        0.0053
size e#/997                              10        0.0016
size e#/1002                             9         0.0014
size e#/1006                             774       0.1214
size e#/1009                             11        0.0017
size e#/1023                             10        0.0016
size e#/1874                             8         0.0013
size e#/1875                             29        0.0045
size e#/1876                             57        0.0089
size e#/1877                             44        0.0069
size e#/1878                             12        0.0019
size e#/1881                             132       0.0207
size e#/1976                             13        0.002
size e#/2014                             9         0.0014
size e#/2015                             5         0.0008
size e#/2022                             7         0.0011
size e#/2030                             6         0.0009
size e#/2031                             12        0.0019
size e#/2046                             76        0.0119
size e#/2047                             5         0.0008
size e#/2048                             8         0.0013
size e#/2532                             93        0.0146
size e#/2545                             4249      0.6666
size e#/2557                             7         0.0011
size e#/2813                             5         0.0008
size e#/2872                             207       0.0325
size e#/2941                             5         0.0008
size e#/2956                             15        0.0024
size e#/3069                             79        0.0124
size e#/3070                             15        0.0024
size e#/3196                             5         0.0008
size e#/3201                             15        0.0024
size e#/3323                             9         0.0014
size e#/3324                             20        0.0031
size e#/3336                             8         0.0013
size e#/3339                             6         0.0009
size e#/3340                             31        0.0049
size e#/3346                             75        0.0118
size e#/3348                             15        0.0024
size e#/3351                             18        0.0028
size e#/3352                             21        0.0033
size e#/3353                             230       0.0361
size e#/3384                             15        0.0024
size e#/3407                             10        0.0016
size e#/3408                             126       0.0198
size e#/3409                             148       0.0232
size e#/3410                             463       0.0726
size e#/3411                             1106      0.1735
size e#/3412                             1719      0.2697
size e#/3413                             1575      0.2471
size e#/3414                             498       0.0781
size e#/3415                             16        0.0025
size e#/3416                             3090      0.4848
size e#/3417                             148005    23.2211
size e#/3516                             5         0.0008
size e#/3547                             18        0.0028
size e#/3548                             12        0.0019
size e#/3564                             5         0.0008
size e#/3579                             5         0.0008
size e#/3580                             59        0.0093
size e#/3581                             28        0.0044
size e#/3708                             11        0.0017
size e#/3806                             5         0.0008
size e#/3820                             6         0.0009
size e#/3832                             6         0.0009
size e#/3835                             6         0.0009
size e#/3836                             79        0.0124
size e#/3900                             5         0.0008
size e#/3964                             79        0.0124
size e#/3965                             5         0.0008
size e#/3996                             6         0.0009
size e#/4020                             5         0.0008
size e#/4026                             5         0.0008
size e#/4028                             77        0.0121
size e#/4052                             48        0.0075
size e#/4055                             6         0.0009
size e#/4056                             19        0.003
size e#/4057                             27        0.0042
size e#/4058                             104       0.0163
size e#/4059                             412       0.0646
size e#/4060                             13977     2.1929
size e#/4061                             3911      0.6136
size e#/4062                             9946      1.5605
size e#/4063                             21372     3.3531
size e#/4064                             28061     4.4026
size e#/4065                             10747     1.6861
size e#/4066                             407       0.0639
size e#/4067                             6555      1.0284
size e#/4068                             20841     3.2698
size e#/4072                             351       0.0551
size e#/4074                             5         0.0008
size e#/4075                             1047      0.1643
size e#/4076                             102       0.016
size e#/4077                             15        0.0024
size e#/4078                             25        0.0039
size e#/4079                             17        0.0027
size e#/4080                             11261     1.7668
size e#/4081                             322584    50.6115
size e#/7513                             12        0.0019
size e#/8177                             99        0.0155
size e#/12272                            24        0.0038
size e#/15703                            10        0.0016
size e#/16367                            20        0.0031
size e/76                                89        0.014
size e/97                                29        0.0045
size e/141                               17        0.0027
size e/179                               7         0.0011
size e/256                               176       0.0276
size e/384                               62        0.0097
size e/392                               5         0.0008
size e/416                               5         0.0008
size e/511                               177       0.0278
size e/532                               7         0.0011
size e/554                               7         0.0011
size e/640                               694       0.1089
size e/1344                              6         0.0009
size e/1356                              393       0.0617
size e/1456                              8         0.0013
size e/1977                              7         0.0011
size e/1987                              411       0.0645
size e/2049                              193       0.0303
size e/2053                              68        0.0107
size e/2496                              5         0.0008
size e/2783                              16        0.0025
size e/4076                              39        0.0061
size e/4092                              1800      0.2824
size e/4103                              28        0.0044
size e/8156                              7         0.0011
size e/8188                              5         0.0008
size e/8192                              11        0.0017
size e/8229                              14        0.0022
size e/8276                              5         0.0008
size e/8280                              6         0.0009
size e/10095                             14        0.0022
size e/10245                             4640      0.728
size e/10338                             5         0.0008
size e/11634                             208       0.0326
size e/12288                             16        0.0025
size e/12305                             9         0.0014
size e/12825                             5         0.0008
size e/13324                             13        0.002
size e/13451                             17        0.0027
size e/13466                             13        0.002
size e/13474                             16        0.0025
size e/13476                             6         0.0009
size e/13478                             11        0.0017
size e/13479                             23        0.0036
size e/13480                             236       0.037
size e/15142                             960       0.1506
size e/15180                             335       0.0526
size e/15356                             5         0.0008
size e/15360                             7         0.0011
size e/16082                             15        0.0024
size e/16106                             69        0.0108
size e/16124                             11        0.0017
size e/16289                             57        0.0089
size e/16353                             551       0.0864
size e/16374                             6         0.0009
size e/16380                             28        0.0044
size e/16382                             69        0.0108
size e/16383                             167       0.0262
size e/16384                             134       0.021
size e/16385                             31304     4.9114
size e/16386                             110       0.0173
size e/16387                             142       0.0223
size e/16388                             316       0.0496
size e/16389                             577312    90.5768
size e/16392                             19        0.003
size e/16556                             18        0.0028
size e/16562                             80        0.0126
size e/16612                             10        0.0016
size e/16628                             8         0.0013
size e/16645                             117       0.0184
size e/16740                             30        0.0047
size e/16792                             5         0.0008
size e/17145                             23        0.0036
size e/17146                             5         0.0008
size e/17182                             7         0.0011
size e/17202                             5         0.0008
size e/17390                             23        0.0036
size e/17468                             40        0.0063
size e/17520                             7603      1.1929
size e/17521                             63        0.0099
size e/17522                             8         0.0013
size e/17523                             65        0.0102
size e/17524                             19        0.003
size e/17526                             75        0.0118
size e/17527                             8         0.0013
size e/17528                             9         0.0014
size e/17529                             21        0.0033
size e/17531                             5         0.0008
size e/17532                             69        0.0108
size e/17533                             7         0.0011
size e/17535                             8         0.0013
size e/17536                             11        0.0017
size e/17538                             21        0.0033
size e/17541                             11        0.0017
size e/17542                             5         0.0008
size e/17543                             5         0.0008
size e/17544                             51        0.008
size e/17550                             5         0.0008
size e/17556                             5         0.0008
size e/17568                             6         0.0009
size e/17592                             5         0.0008
size e/17676                             172       0.027
size e/17679                             6         0.0009
size e/17682                             6         0.0009
size e/17688                             7         0.0011
size e/17691                             6         0.0009
size e/17706                             14        0.0022
size e/17736                             15        0.0024
size e/17928                             45        0.0071
size e/18502                             7         0.0011
size e/18696                             5         0.0008
size e/18868                             9         0.0014
size e/19464                             19        0.003
size e/22536                             15        0.0024
size e/28679                             5         0.0008
size e/32769                             7         0.0011
size e/32773                             136       0.0213
size e/49153                             33        0.0052
SSL 3.254                                12046     1.8899
SSL 4.0                                  15358     2.4096
SSL 4.3                                  14756     2.3151
SSL 255.255                              14822     2.3255
TLS 1.0                                  16337     2.5632
TLS 1.1                                  6466      1.0145
TLS 1.2                                  11        0.0017
TLS 1.3                                  6400      1.0041
TLS 1.4                                  7159      1.1232

Implementation families                               Count       Percent
-----------------------------------------------------+-----------+-------
65537                                              5         0.0008
65540                                              77        0.0121
65541                                              537       0.0843
65544                                              315       0.0494
65545                                              145       0.0227
131076                                             164       0.0257
c/308 c#/129 TLS_1.3+                              1086      0.1704
c/312 c#/129 TLS_1.3+                              28        0.0044
c/564 c#/257 SSL_4.0+ SSL_3.254                    5         0.0008
c/564 c#/257 TLS_1.3+                              23        0.0036
c/568 c#/257 TLS_1.3+                              14        0.0022
c/1000 c#/475 TLS_1.3+                             20        0.0031
c/1052 c#/501 TLS_1.3+                             8         0.0013
e#/38 131073                                       24        0.0038
e#/38 SSL_3.254 SSL_255.255 131073                 23        0.0036
e#/38 SSL_4.0 131073                               312       0.049
e#/38 SSL_4.0 SSL_3.254 SSL_255.255 131073         27        0.0042
e#/38 SSL_4.0+ SSL_3.254 131073                    8         0.0013
e#/39 SSL_4.0 131073                               8         0.0013
e#/43 SSL_4.0 131073                               15        0.0024
e#/52 SSL_4.0 131073                               37        0.0058
e#/15703                                           10        0.0016
e/76 e/384 e#/2 c/74 c#/12 SSL_3.254 #84_e/76      11        0.0017
e/76 e/640 e#/2 c/74 c#/12 #84_e/76                10        0.0016
e/76 e/640 e#/2 c/16383 #84_e/76                   10        0.0016
e/97 e/640 e#/4 c/98 c#/22 SSL_3.254 #84_e/16382   11        0.0017
e/97 e/640 e#/6 c/98 c#/22 SSL_3.254 #84_e/16382   16        0.0025
e/384 e/16389 e#/4081 c/16389 #84_e/16389          7         0.0011
e/511 e/256 e/10095 c/10095 #84_e/10095            14        0.0022
e/511 e/256 e/10338 c/10338 #84_e/10338            5         0.0008
e/640 e/141 e#/6 c/16389 #84_e/141                 9         0.0014
e/640 e/532 e#/97 c/532 c#/200 #84_e/532           7         0.0011
e/640 e/2783 e#/16 c/16387 #84_e/16382             8         0.0013
e/640 e/16389 e#/4081 c/16389 #84_e/16389          8         0.0013
e/1356 c/1356 c#/614 SSL_4.0+ #84_e/1356           5         0.0008
e/1356 c/1356 c#/653 SSL_4.0+ #84_e/1356           79        0.0124
e/1356 c/1356 c#/653 TLS_1.3+ #84_e/1356           25        0.0039
e/1356 e#/303 c/1356 c#/612 #84_e/1356             232       0.0364
e/1356 e#/322 c/1356 c#/614 #84_e/1356             6         0.0009
e/1977 e#/478 c/1977 c#/964 SSL_4.0+ #84_e/1977    6         0.0009
e/2049 c/2049 c#/998 TLS_1.3+ #84_e/16382          17        0.0027
e/2049 c/2049 c#/1000 TLS_1.3+ #84_e/2049          157       0.0246
e/2049 e#/491 c/2049 c#/998 TLS_1.3+ #84_e/16382   14        0.0022
e/2053 e#/497 c/452 c#/201 SSL_4.0+ #84_e/2053     65        0.0102
e/4076 e#/983 c/4076 c#/1972 #84_e/4076            28        0.0044
e/4076 e#/1002 c/4076 c#/2013 #84_e/4076           8         0.0013
e/4092 e#/337 c/4092 c#/943 #84_e/16382            7         0.0011
e/4092 e#/338 c/4092 c#/944 #84_e/16382            5         0.0008
e/4092 e#/343 c/4092 c#/958 #84_e/16382            18        0.0028
e/4092 e#/985 c/4092 c#/1979 #84_e/4092            9         0.0014
e/4092 e#/986 c/4092 c#/1980 #84_e/4092            13        0.002
e/4092 e#/986 c/4092 c#/1981 #84_e/4092            26        0.0041
e/4092 e#/987 c/4092 c#/1982 #84_e/4092            54        0.0085
e/4092 e#/987 c/4092 c#/1983 #84_e/4092            66        0.0104
e/4092 e#/988 c/4092 c#/1984 #84_e/4092            99        0.0155
e/4092 e#/988 c/4092 c#/1985 #84_e/4092            153       0.024
e/4092 e#/989 c/4092 c#/1986 #84_e/4092            159       0.0249
e/4092 e#/989 c/4092 c#/1987 #84_e/4092            163       0.0256
e/4092 e#/990 c/4092 c#/1988 #84_e/4092            128       0.0201
e/4092 e#/990 c/4092 c#/1989 #84_e/4092            76        0.0119
e/4092 e#/991 c/4092 c#/1990 #84_e/4092            27        0.0042
e/4092 e#/991 c/4092 c#/1991 #84_e/4092            6         0.0009
e/4092 e#/1006 c/4092 c#/2021 #84_e/4092           765       0.12
e/4103 e#/346 c/4103 c#/964 #84_e/16382            7         0.0011
e/4103 e#/997 c/4103 c#/2004 #84_e/4103            9         0.0014
e/4103 e#/1009 c/4103 c#/2027 #84_e/4103           11        0.0017
e/8280 e#/4060 c/16385 #84_e/4229                  5         0.0008
e/10245 e#/1874 c/10245 c#/4017 SSL_3.254 #84_e/16382 7         0.0011
e/10245 e#/1875 c/10245 c#/4018 SSL_3.254 #84_e/16382 11        0.0017
e/10245 e#/1875 c/10245 c#/4019 SSL_3.254 #84_e/16382 15        0.0024
e/10245 e#/1876 c/10245 c#/4020 SSL_3.254 #84_e/16382 25        0.0039
e/10245 e#/1876 c/10245 c#/4021 SSL_3.254 #84_e/16382 28        0.0044
e/10245 e#/1877 c/10245 c#/4022 SSL_3.254 #84_e/16382 23        0.0036
e/10245 e#/1877 c/10245 c#/4023 SSL_3.254 #84_e/16382 19        0.003
e/10245 e#/1878 c/10245 c#/4024 SSL_3.254 #84_e/16382 10        0.0016
e/10245 e#/1881 c/10245 c#/4035 #84_e/16382        132       0.0207
e/10245 e#/2532 c/10245 #84_e/10245                93        0.0146
e/10245 e#/2545 c/10245 #84_e/10245                471       0.0739
e/10245 e#/2545 c/10245 SSL_3.254 #84_e/10245      3772      0.5918
e/11634 e#/2872 c/11634 #84_e/11634                207       0.0325
e/13480 e#/3353 c/13464 #84_e/13480                7         0.0011
e/13480 e#/3353 c/13478 #84_e/13480                6         0.0009
e/13480 e#/3353 c/13479 #84_e/13480                10        0.0016
e/13480 e#/3353 c/13480 #84_e/13479                6         0.0009
e/13480 e#/3353 c/13480 #84_e/13480                51        0.008
e/15142 e#/4067 c/16385 #84_e/15142                40        0.0063
e/15142 e#/4068 c/16389 #84_e/15142                915       0.1436
e/15180 e#/4060 c/16385 #84_e/15180                144       0.0226
e/15180 e#/4060 c/16408 #84_e/15180                179       0.0281
e/16082 e#/3340 c/16082 #84_e/16382                15        0.0024
e/16106 e#/3346 c/16106 #84_e/16382                69        0.0108
e/16124 e#/3351 c/16124 #84_e/16382                11        0.0017
e/16289 c/16289 SSL_4.0+ #84_e/16289               56        0.0088
e/16353 e#/3408 c/16353 #84_e/16382                9         0.0014
e/16353 e#/4052 c/16353 #84_e/16353                38        0.006
e/16353 e#/4059 c/16353 #84_e/16353                126       0.0198
e/16353 e#/4072 c/16353 #84_e/16353                305       0.0479
e/16353 e#/4072 c/16353 SSL_4.0+ #84_e/16353       9         0.0014
e/16353 e#/4072 c/16353 SSL_4.0+ SSL_3.254 #84_e/16353 8         0.0013
e/16353 e#/4072 c/16353 TLS_1.3+ #84_e/16353       17        0.0027
e/16380 e#/494 c/2052 c#/1001 #84_e/16380          10        0.0016
e/16380 e#/4078 c/16380 #84_e/16380                11        0.0017
e/16382 e#/4080 c/16382 SSL_4.0+ #84_e/16382       7         0.0011
e/16382 e#/4081 c/16389 #84_e/16382                5         0.0008
e/16382 e#/4081 c/16389 #84_e/16389                16        0.0025
e/16383 e#/3408 c/16383 #84_e/16392                83        0.013
e/16384 e#/4060 c/16384 #84_e/16384                42        0.0066
e/16384 e#/4063 c/16384 #84_e/16384                7         0.0011
e/16384 e#/4064 c/16384 #84_e/16384                5         0.0008
e/16384 e#/4067 c/16384 #84_e/16384                12        0.0019
e/16385 c/564 c#/257 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 5         0.0008
e/16385 c/16385 #84_e/16385                        322       0.0505
e/16385 c/16385 SSL_4.0+ #84_e/16385               177       0.0278
e/16385 c/16385 SSL_4.0+ #84_e/16392               82        0.0129
e/16385 c/16385 TLS_1.3+ #84_e/16385               702       0.1101
e/16385 c/16385 TLS_1.3+ #84_e/16392               164       0.0257
e/16385 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 333       0.0522
e/16385 e#/38 c/16385 SSL_4.0 #84_e/16385          9         0.0014
e/16385 e#/3409 c/16385 #84_e/16392                6         0.0009
e/16385 e#/3409 c/16385 TLS_1.3+ #84_e/16392       6         0.0009
e/16385 e#/3410 c/16385 #84_e/16392                21        0.0033
e/16385 e#/3410 c/16385 TLS_1.3+ #84_e/16392       19        0.003
e/16385 e#/3411 c/16385 #84_e/16392                16        0.0025
e/16385 e#/3411 c/16385 #84_e/65536                7         0.0011
e/16385 e#/3411 c/16385 TLS_1.3+ #84_e/16392       22        0.0035
e/16385 e#/3412 c/16385 #84_e/16392                17        0.0027
e/16385 e#/3412 c/16385 #84_e/65536                11        0.0017
e/16385 e#/3412 c/16385 TLS_1.3+ #84_e/16392       22        0.0035
e/16385 e#/3413 c/16385 #84_e/16392                9         0.0014
e/16385 e#/3413 c/16385 TLS_1.3+ #84_e/16392       17        0.0027
e/16385 e#/3416 c/16383 SSL_4.0+ #84_e/16392       11        0.0017
e/16385 e#/3416 c/16385 #84_e/16392                1263      0.1982
e/16385 e#/3416 c/16385 #84_e/65536                316       0.0496
e/16385 e#/3416 c/16385 SSL_4.0+ #84_e/16392       1189      0.1865
e/16385 e#/3416 c/16386 SSL_4.0+ #84_e/16392       64        0.01
e/16385 e#/3416 c/16387 SSL_4.0+ #84_e/16392       63        0.0099
e/16385 e#/3416 c/16388 SSL_4.0+ #84_e/16392       9         0.0014
e/16385 e#/3416 c/16389 SSL_4.0+ #84_e/16392       16        0.0025
e/16385 e#/3417 c/16385 SSL_4.0+ #84_e/16392       222       0.0348
e/16385 e#/3417 c/16386 SSL_4.0+ #84_e/16392       39        0.0061
e/16385 e#/3417 c/16387 SSL_4.0+ #84_e/16392       29        0.0045
e/16385 e#/3417 c/16388 SSL_4.0+ #84_e/16392       5         0.0008
e/16385 e#/3417 c/16389 SSL_4.0+ #84_e/16392       7         0.0011
e/16385 e#/3547 c/16385 #84_e/16392                16        0.0025
e/16385 e#/4057 c/16385 #84_e/16385                8         0.0013
e/16385 e#/4057 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 7         0.0011
e/16385 e#/4058 c/16385 #84_e/16385                32        0.005
e/16385 e#/4058 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 14        0.0022
e/16385 e#/4059 c/16385 #84_e/16385                66        0.0104
e/16385 e#/4059 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 22        0.0035
e/16385 e#/4060 c/676 c#/257 #84_e/16385           5         0.0008
e/16385 e#/4060 c/1135 c#/501 #84_e/16385          6         0.0009
e/16385 e#/4060 c/16385 #84_e/16385                5725      0.8982
e/16385 e#/4060 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 36        0.0056
e/16385 e#/4061 c/16385 #84_e/16385                432       0.0678
e/16385 e#/4061 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 15        0.0024
e/16385 e#/4062 c/16385 #84_e/16385                857       0.1345
e/16385 e#/4063 c/16385 #84_e/16385                944       0.1481
e/16385 e#/4064 c/16385 #84_e/16385                396       0.0621
e/16385 e#/4065 c/16385 #84_e/16385                32        0.005
e/16385 e#/4067 c/16385 #84_e/16385                6472      1.0154
e/16385 e#/4075 c/16385 #84_e/16385                32        0.005
e/16385 e#/4075 c/16385 TLS_1.3+ #84_e/16392       940       0.1475
e/16385 e#/4080 c/564 c#/257 #84_e/16385           195       0.0306
e/16385 e#/4080 c/1052 c#/501 #84_e/16385          7         0.0011
e/16385 e#/4080 c/16385 #84_e/16385                6027      0.9456
e/16385 e#/4080 c/16385 SSL_4.0 #84_e/16385        48        0.0075
e/16385 e#/4080 c/16385 SSL_4.0+ #84_e/16385       537       0.0843
e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385       2618      0.4107
e/16385 e#/4080 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 298       0.0468
e/16385 e#/4081 c/16389 #84_e/16385                11        0.0017
e/16386 e#/3416 c/16385 SSL_4.0+ #84_e/16392       41        0.0064
e/16386 e#/3416 c/16386 SSL_4.0+ #84_e/16392       9         0.0014
e/16386 e#/3416 c/16387 SSL_4.0+ #84_e/16392       8         0.0013
e/16386 e#/3417 c/16385 SSL_4.0+ #84_e/16392       14        0.0022
e/16387 e#/3416 c/16385 SSL_4.0+ #84_e/16392       8         0.0013
e/16387 e#/4068 c/16385 #84_e/16387                7         0.0011
e/16387 e#/4068 c/16389 #84_e/16387                6         0.0009
e/16387 e#/4068 c/16389 #84_e/16389                12        0.0019
e/16387 e#/4081 c/16389 #84_e/16389                17        0.0027
e/16388 e#/3416 c/16385 SSL_4.0+ #84_e/16392       39        0.0061
e/16388 e#/3416 c/16386 SSL_4.0+ #84_e/16392       8         0.0013
e/16388 e#/3416 c/16387 SSL_4.0+ #84_e/16392       5         0.0008
e/16388 e#/3417 c/16385 SSL_4.0+ #84_e/16392       32        0.005
e/16388 e#/3417 c/16387 SSL_4.0+ #84_e/16392       8         0.0013
e/16388 e#/3417 c/16388 #84_e/16392                10        0.0016
e/16388 e#/3417 c/16389 #84_e/16392                9         0.0014
e/16388 e#/4068 c/16387 #84_e/16388                5         0.0008
e/16388 e#/4068 c/16388 #84_e/16388                6         0.0009
e/16388 e#/4068 c/16389 #84_e/16389                12        0.0019
e/16388 e#/4081 c/16389 #84_e/16388                16        0.0025
e/16388 e#/4081 c/16389 #84_e/16389                19        0.003
e/16389 c/564 c#/257 SSL_4.0+ #84_e/16389          8         0.0013
e/16389 c/1135 c#/501 #84_e/16389                  5         0.0008
e/16389 c/16389 #84_e/16389                        5910      0.9272
e/16389 c/16389 #84_e/16392                        106       0.0166
e/16389 c/16389 SSL_4.0+ #84_e/16389               2435      0.382
e/16389 c/16389 SSL_4.0+ #84_e/16392               120       0.0188
e/16389 c/16389 TLS_1.3+ #84_e/16389               107       0.0168
e/16389 c/16389 TLS_1.3+ #84_e/16392               38        0.006
e/16389 e#/2 c/16389 #84_e/16389                   23        0.0036
e/16389 e#/16 c/16389 #84_e/16392                  13        0.002
e/16389 e#/944 c/16389 #84_e/16392                 6         0.0009
e/16389 e#/1976 c/16389 #84_e/16392                11        0.0017
e/16389 e#/2046 c/16389 #84_e/16389                43        0.0067
e/16389 e#/2956 c/16389 #84_e/16392                12        0.0019
e/16389 e#/3069 c/16389 #84_e/16389                48        0.0075
e/16389 e#/3070 c/16389 #84_e/16389                6         0.0009
e/16389 e#/3201 c/16389 #84_e/16392                12        0.0019
e/16389 e#/3323 c/16389 #84_e/16392                6         0.0009
e/16389 e#/3384 c/16389 #84_e/16392                14        0.0022
e/16389 e#/3407 c/16389 #84_e/16392                7         0.0011
e/16389 e#/3408 c/16389 #84_e/16392                32        0.005
e/16389 e#/3409 c/16389 #84_e/16392                134       0.021
e/16389 e#/3410 c/16389 #84_e/16392                418       0.0656
e/16389 e#/3411 c/16389 #84_e/16392                1059      0.1662
e/16389 e#/3412 c/16389 #84_e/16392                1664      0.2611
e/16389 e#/3413 c/16389 #84_e/16392                1543      0.2421
e/16389 e#/3414 c/16389 #84_e/16392                497       0.078
e/16389 e#/3415 c/16389 #84_e/16392                13        0.002
e/16389 e#/3416 c/16389 #84_e/16392                19        0.003
e/16389 e#/3417 c/16383 #84_e/16392                18        0.0028
e/16389 e#/3417 c/16388 #84_e/16392                6         0.0009
e/16389 e#/3417 c/16389 #84_e/16382                5         0.0008
e/16389 e#/3417 c/16389 #84_e/16392                147432    23.1312
e/16389 e#/3417 c/16389 SSL_4.0+ #84_e/16392       45        0.0071
e/16389 e#/3548 c/16389 #84_e/16389                5         0.0008
e/16389 e#/3580 c/16389 #84_e/16389                43        0.0067
e/16389 e#/3708 c/16389 #84_e/16389                9         0.0014
e/16389 e#/3836 c/16389 #84_e/16389                64        0.01
e/16389 e#/3964 c/16389 #84_e/16389                65        0.0102
e/16389 e#/3996 c/16389 #84_e/16389                5         0.0008
e/16389 e#/4028 c/16389 #84_e/16389                54        0.0085
e/16389 e#/4056 c/16389 #84_e/16389                7         0.0011
e/16389 e#/4057 c/16389 #84_e/16389                7         0.0011
e/16389 e#/4058 c/16389 #84_e/16389                44        0.0069
e/16389 e#/4059 c/16389 #84_e/16389                170       0.0267
e/16389 e#/4060 c/16389 #84_e/16389                719       0.1128
e/16389 e#/4061 c/673 c#/257 #84_e/16389           7         0.0011
e/16389 e#/4061 c/674 c#/257 #84_e/16389           5         0.0008
e/16389 e#/4061 c/16389 #84_e/16389                3335      0.5232
e/16389 e#/4062 c/16389 #84_e/16389                8903      1.3968
e/16389 e#/4063 c/16389 #84_e/16389                20234     3.1746
e/16389 e#/4064 c/16389 #84_e/16389                27531     4.3194
e/16389 e#/4065 c/16389 #84_e/16389                10703     1.6792
e/16389 e#/4066 c/16389 #84_e/16389                399       0.0626
e/16389 e#/4067 c/16389 #84_e/16389                5         0.0008
e/16389 e#/4068 c/1097 c#/501 #84_e/16389          11        0.0017
e/16389 e#/4068 c/16387 #84_e/16389                7         0.0011
e/16389 e#/4068 c/16388 #84_e/16389                11        0.0017
e/16389 e#/4068 c/16389 #84_e/16387                7         0.0011
e/16389 e#/4068 c/16389 #84_e/16388                7         0.0011
e/16389 e#/4068 c/16389 #84_e/16389                19723     3.0944
e/16389 e#/4076 c/16389 #84_e/16389                59        0.0093
e/16389 e#/4076 c/16389 #84_e/16392                21        0.0033
e/16389 e#/4076 c/16389 TLS_1.3+ #84_e/16392       11        0.0017
e/16389 e#/4077 c/16389 #84_e/16389                14        0.0022
e/16389 e#/4078 c/16389 #84_e/16389                9         0.0014
e/16389 e#/4079 c/16389 #84_e/16389                7         0.0011
e/16389 e#/4080 c/16386 #84_e/16389                21        0.0033
e/16389 e#/4080 c/16386 TLS_1.3+ #84_e/16389       24        0.0038
e/16389 e#/4080 c/16389 #84_e/16389                75        0.0118
e/16389 e#/4081 c/564 c#/257 #84_e/16389           108       0.0169
e/16389 e#/4081 c/1052 c#/501 #84_e/16389          62        0.0097
e/16389 e#/4081 c/16382 #84_e/16389                22        0.0035
e/16389 e#/4081 c/16386 #84_e/16389                19        0.003
e/16389 e#/4081 c/16388 #84_e/16389                17        0.0027
e/16389 e#/4081 c/16389 #84_e/16382                10        0.0016
e/16389 e#/4081 c/16389 #84_e/16387                15        0.0024
e/16389 e#/4081 c/16389 #84_e/16388                22        0.0035
e/16389 e#/4081 c/16389 #84_e/16389                320309    50.2546
e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389       1606      0.252
e/16389 e#/4081 c/16389 TLS_1.3+ #84_e/16389       49        0.0077
e/16392 e#/16367 c/16392 #84_e/16392               17        0.0027
e/16556 e#/4080 c/16386 #84_e/16556                12        0.0019
e/16562 e#/4060 c/16408 #84_e/16562                47        0.0074
e/16562 e#/4080 c/16386 #84_e/16562                25        0.0039
e/16612 e#/3581 c/16408 #84_e/16612                8         0.0013
e/16645 c/16645 #84_e/16645                        82        0.0129
e/16645 c/16645 #84_e/65536                        12        0.0019
e/16645 c/16645 SSL_4.0+ #84_e/16645               14        0.0022
e/16740 e#/4060 c/16408 #84_e/16740                21        0.0033
e/17145 e#/4060 c/16408 #84_e/17145                10        0.0016
e/17145 e#/4080 c/16386 #84_e/17145                5         0.0008
e/17390 e#/4060 c/16408 #84_e/17390                16        0.0025
e/17390 e#/4080 c/16386 #84_e/17390                5         0.0008
e/17468 e#/4060 c/16408 #84_e/17468                25        0.0039
e/17468 e#/4080 c/16386 #84_e/17468                14        0.0022
e/17520 e#/4060 c/1135 c#/501 #84_e/17520          11        0.0017
e/17520 e#/4060 c/16385 #84_e/17520                10        0.0016
e/17520 e#/4060 c/16392 #84_e/17520                5         0.0008
e/17520 e#/4060 c/16396 #84_e/17520                5         0.0008
e/17520 e#/4060 c/16400 #84_e/17520                6         0.0009
e/17520 e#/4060 c/16402 #84_e/17520                8         0.0013
e/17520 e#/4060 c/16404 #84_e/17520                7         0.0011
e/17520 e#/4060 c/16406 #84_e/17520                10        0.0016
e/17520 e#/4060 c/16408 #84_e/17520                5602      0.8789
e/17520 e#/4060 c/16408 #84_e/17521                28        0.0044
e/17520 e#/4060 c/16408 #84_e/17523                51        0.008
e/17520 e#/4060 c/16408 #84_e/17526                33        0.0052
e/17520 e#/4060 c/16408 #84_e/17532                34        0.0053
e/17520 e#/4060 c/16408 #84_e/17533                7         0.0011
e/17520 e#/4060 c/16408 #84_e/17544                28        0.0044
e/17520 e#/4060 c/16408 #84_e/17928                12        0.0019
e/17520 e#/4060 c/16408 #84_e/19464                6         0.0009
e/17520 e#/4060 c/16408 #84_e/22536                5         0.0008
e/17520 e#/4061 c/16385 #84_e/17520                19        0.003
e/17520 e#/4061 c/16386 #84_e/17520                21        0.0033
e/17520 e#/4061 c/16400 #84_e/17520                13        0.002
e/17520 e#/4061 c/16401 #84_e/17520                9         0.0014
e/17520 e#/4062 c/16385 #84_e/17520                55        0.0086
e/17520 e#/4062 c/16386 #84_e/17520                30        0.0047
e/17520 e#/4062 c/16400 #84_e/17520                22        0.0035
e/17520 e#/4062 c/16401 #84_e/17520                12        0.0019
e/17520 e#/4063 c/16385 #84_e/17520                58        0.0091
e/17520 e#/4063 c/16386 #84_e/17520                59        0.0093
e/17520 e#/4063 c/16400 #84_e/17520                20        0.0031
e/17520 e#/4063 c/16401 #84_e/17520                12        0.0019
e/17520 e#/4064 c/16385 #84_e/17520                30        0.0047
e/17520 e#/4064 c/16386 #84_e/17520                53        0.0083
e/17520 e#/4064 c/16400 #84_e/17520                8         0.0013
e/17520 e#/4064 c/16401 #84_e/17520                13        0.002
e/17520 e#/4075 c/16386 #84_e/17520                49        0.0077
e/17520 e#/4080 c/16386 #84_e/17520                1091      0.1712
e/17520 e#/4080 c/16386 #84_e/17523                6         0.0009
e/17520 e#/4080 c/16386 #84_e/17532                5         0.0008
e/17521 e#/4060 c/16408 #84_e/17520                35        0.0055
e/17523 e#/4060 c/16408 #84_e/17520                30        0.0047
e/17523 e#/4080 c/16386 #84_e/17520                5         0.0008
e/17524 e#/4060 c/16408 #84_e/17520                6         0.0009
e/17526 e#/4060 c/16408 #84_e/17520                36        0.0056
e/17529 e#/4060 c/16408 #84_e/17520                5         0.0008
e/17532 e#/4060 c/16408 #84_e/17520                28        0.0044
e/17544 e#/4060 c/16408 #84_e/17520                18        0.0028
e/17676 e#/4060 c/1135 c#/501 #84_e/17676          7         0.0011
e/17676 e#/4060 c/16408 #84_e/17676                105       0.0165
e/17676 e#/4080 c/16386 #84_e/17676                37        0.0058
e/17688 e#/4060 c/16408 #84_e/17676                5         0.0008
e/17706 e#/4060 c/16408 #84_e/17706                9         0.0014
e/17928 e#/4060 c/16408 #84_e/17520                12        0.0019
e/17928 e#/4060 c/16408 #84_e/17523                6         0.0009
e/18502 e#/52 c/18502 SSL_4.0 #84_e/65536          5         0.0008
e/18868 e#/4080 c/16386 #84_e/18868                5         0.0008
e/19464 e#/4060 c/16408 #84_e/17520                6         0.0009
e/22536 e#/4060 c/16408 #84_e/17520                5         0.0008
e/32773 c/32773 SSL_4.0 #84_e/32773                20        0.0031
e/32773 e#/7513 c/32773 SSL_4.0 #84_e/65536        12        0.0019
e/32773 e#/8177 c/32773 #84_e/32773                46        0.0072
e/32773 e#/8177 c/32773 SSL_4.0 #84_e/32773        52        0.0082
e/49153 c/49153 #84_e/49153                        9         0.0014
e/49153 e#/12272 c/49153 #84_e/49153               24        0.0038
ext:OCSP_staple e/16389 e#/4081 c/16389 #84_e/16389 12        0.0019
ext:SNI e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385 8         0.0013
ext:SNI e/16389 e#/3417 c/16389 #84_e/16392        44        0.0069
last_ext_empty                                     5         0.0008
more_groups e/16389 e#/4081 c/16389 #84_e/16389    12        0.0019
more_sigalgs 131076                                17        0.0027
more_sigalgs e/16389 e#/4081 c/16389 #84_e/16389   9         0.0014
secure_renego_ext c/312 c#/129 TLS_1.3+            86        0.0135
secure_renego_ext e/12288 c/12288 #84_e/12288      11        0.0017
secure_renego_ext e/16389 c/16389 #84_e/16389      6         0.0009
secure_renego_ext e/16389 c/16389 #84_e/16392      7         0.0011
secure_renego_scsv e/16385 e#/4080 c/16385 #84_e/16385 5         0.0008
secure_renego_scsv e/16385 e#/4081 c/16385 #84_e/16385 5         0.0008
secure_renego_scsv e/16389 e#/3417 c/16389 #84_e/16392 20        0.0031
secure_renego_scsv e/16389 e#/4081 c/16389 #84_e/16389 12        0.0019
secure_renego_scsv e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389 17        0.0027
secure_renego_scsv more_sigalgs more_groups ext:key_share e/76 e/640 e#/2 c/74 c#/12 SSL_3.254 #84_e/76 27        0.0042
secure_renego_scsv more_sigalgs more_groups ext:key_share e/640 e/1987 e#/2 c/74 c#/12 SSL_3.254 #84_e/330 392       0.0615
secure_renego_scsv more_sigalgs more_groups ext:key_share e/640 e/1987 e#/4 c/74 c#/12 SSL_3.254 #84_e/330 17        0.0027
secure_renego_scsv SSL_4.0+                        12        0.0019
secure_renego_scsv SSL_4.0+ SSL_3.254              22        0.0035
SSL_4.0+                                           7         0.0011
SSL_4.0+ SSL_3.254                                 314       0.0493
TLS_1.3+ 66741                                     34        0.0053





Statistics from 665183 chains provided by 758640 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  606830    79.9892
incomplete                14997     1.9768
untrusted                 136813    18.034

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0002
3                         657003    98.7703
4                         8168      1.2279
5                         11        0.0017

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 90748     
ECDSA 384                 83034     
RSA 1024                  2         
RSA 2045                  2         
RSA 2048                  965918    
RSA 4096                  198851    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 90748     13.6426
ECDSA 384                 83034     12.4829
RSA 1024                  2         0.0003
RSA 2045                  2         0.0003
RSA 2048                  581717    87.4522
RSA 4096                  198168    29.7915

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              83002     
sha1WithRSAEncryption          3048      
sha256WithRSAEncryption        406012    
sha384WithRSAEncryption        181245    
sha512WithRSAEncryption        65        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        3013      0.453
112                       579133    87.0637
128                       83037     12.4833

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 163103    24.52
(2c543cd1) GeoTrust Global CA                 85475     12.8498
(eed8c118) COMODO ECC Certification Authority 83000     12.4778
(2e5ac55d) DST Root CA X3                     66072     9.9329
(cbf06781) Go Daddy Root Certificate Authorit 42552     6.397
(5ad8a5d6) GlobalSign Root CA                 36350     5.4647
(b204d74a) VeriSign Class 3 Public Primary Ce 31786     4.7785
(244b5494) DigiCert High Assurance EV Root CA 25014     3.7605
(fc5a8f99) USERTrust RSA Certification Author 18008     2.7072
(653b494a) Baltimore CyberTrust Root          14274     2.1459
(2e4eed3c) thawte Primary Root CA             13904     2.0903
(3513523f) DigiCert Global Root CA            11435     1.7191
(4bfab552) Starfield Root Certificate Authori 9942      1.4946
(ae8153b9) StartCom Certification Authority   7001      1.0525
(e2799e36) GeoTrust Primary Certification Aut 6661      1.0014

Intermediate CA                               Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 90715     13.6376
(6cfa716c) COMODO ECC Domain Validation Secur 82917     12.4653
(4f06f81d) Let's Encrypt Authority X3         66072     9.9329
(27eb7704) Go Daddy Secure Certificate Author 42552     6.397
(1400f578) cPanel, Inc. Certification Authori 35556     5.3453
(80ecc636) RapidSSL SHA256 CA                 26894     4.0431
(53f3e569) RapidSSL SHA256 CA - G3            23267     3.4978
(38ae8eda) DigiCert SHA2 High Assurance Serve 21191     3.1857
(493a2f06) COMODO RSA Domain Validation Secur 18901     2.8415
(7d9c641e) Symantec Class 3 Secure Server CA  16957     2.5492
(16744f0c) AlphaSSL CA - SHA256 - G2          14280     2.1468
(10310d4b) GeoTrust SSL CA - G3               14112     2.1215
(b85455c4) GlobalSign Organization Validation 11620     1.7469
(85cf5865) DigiCert SHA2 Secure Server CA     11418     1.7165
(c43a77d9) COMODO RSA Organization Validation 10909     1.64
(c4c7a654) Google Internet Authority G2       10898     1.6383
(d7d634d4) GlobalSign Domain Validation CA -  10173     1.5294
(cd7781e5) Starfield Secure Certificate Autho 9942      1.4946
(3d97f5e2) Verizon Akamai SureServer CA G14-S 8267      1.2428
(fd917e82) SecureCore RSA DV CA               7542      1.1338
(9ad474ec) thawte SSL CA - G2                 7454      1.1206
(c43fc33d) Symantec Class 3 ECC 256 bit SSL C 6658      1.0009

Scan performed between 11th of January and 4th of March 2017.

December 2016 scan results

 
SSL/TLS survey of 482427 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      382592    79.3057
3DES Only                 307       0.0636
3DES Preferred            921       0.1909
3DES forced in TLS1.1+    543       0.1126
AES                       480182    99.5346
AES Only                  58724     12.1726
AES-CBC                   479795    99.4544
AES-CBC Only              3331      0.6905
AES-GCM                   427514    88.6173
AES-GCM Only              353       0.0732
CAMELLIA                  211066    43.7509
CHACHA20                  74205     15.3816
CHACHA20 Only             2         0.0004
Insecure                  32587     6.7548
RC4                       101703    21.0815
RC4 Only                  87        0.018
RC4 Preferred             6777      1.4048
RC4 forced in TLS1.1+     3612      0.7487
x:FF 29 3DES Only         335       0.0694
x:FF 29 3DES Preferred    1146      0.2375
x:FF 29 RC4 Only          118       0.0245
x:FF 29 RC4 Preferred     7880      1.6334
x:FF 29 incompatible      329       0.0682
x:FF 35 3DES Only         339       0.0703
x:FF 35 3DES Preferred    1053      0.2183
x:FF 35 RC4 Only          125       0.0259
x:FF 35 RC4 Preferred     7886      1.6347
x:FF 35 incompatible      330       0.0684
x:FF 44 3DES Only         2147      0.445
x:FF 44 3DES Preferred    3843      0.7966
x:FF 44 incompatible      455       0.0943
y:DHE-RSA-SEED-SHA        58284     12.0814
y:IDEA-CBC-SHA            56732     11.7597
y:SEED-SHA                66790     13.8446
z:ADH-AES128-GCM-SHA256   251       0.052
z:ADH-AES128-SHA          399       0.0827
z:ADH-AES128-SHA256       172       0.0357
z:ADH-AES256-GCM-SHA384   256       0.0531
z:ADH-AES256-SHA          428       0.0887
z:ADH-AES256-SHA256       172       0.0357
z:ADH-CAMELLIA128-SHA     209       0.0433
z:ADH-CAMELLIA256-SHA     231       0.0479
z:ADH-DES-CBC-SHA         143       0.0296
z:ADH-DES-CBC3-SHA        405       0.084
z:ADH-RC4-MD5             292       0.0605
z:ADH-SEED-SHA            170       0.0352
z:AECDH-AES128-SHA        4894      1.0145
z:AECDH-AES256-SHA        4932      1.0223
z:AECDH-DES-CBC3-SHA      4839      1.0031
z:AECDH-NULL-SHA          47        0.0097
z:AECDH-RC4-SHA           4539      0.9409
z:DES-CBC-MD5             3460      0.7172
z:DES-CBC-SHA             21036     4.3605
z:DES-CBC3-MD5            9600      1.9899
z:ECDHE-RSA-NULL-SHA      51        0.0106
z:EDH-RSA-DES-CBC-SHA     18337     3.801
z:EXP-ADH-DES-CBC-SHA     88        0.0182
z:EXP-ADH-RC4-MD5         88        0.0182
z:EXP-DES-CBC-SHA         5941      1.2315
z:EXP-EDH-RSA-DES-CBC-SHA 4787      0.9923
z:EXP-RC2-CBC-MD5         7097      1.4711
z:EXP-RC4-MD5             7339      1.5213
z:EXP1024-DES-CBC-SHA     1736      0.3598
z:EXP1024-RC4-SHA         1765      0.3659
z:IDEA-CBC-MD5            716       0.1484
z:NULL-MD5                117       0.0243
z:NULL-SHA                119       0.0247
z:NULL-SHA256             43        0.0089
z:RC2-CBC-MD5             3600      0.7462
z:RC4-64-MD5              398       0.0825

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               111784    23.1712
Server side               370643    76.8288

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       537       0.1113
AECDH                     4940      1.024
DHE                       272683    56.5232
ECDH                      2         0.0004
ECDHE                     442885    91.8035
ECDHE and DHE             248744    51.561
RSA                       406929    84.3504

Supported NPN protocols   Count    Percent 
-------------------------+---------+--------
HTTP/1.0                  1         0.0002   
HTTP/1.1                  1         0.0002   
None                      281332    58.316   
None Only                 281332    58.316   
h2                        119008    24.6686  
h2 Only                   99        0.0205   
h2-12                     10        0.0021   
h2-14                     1337      0.2771   
h2-14 Only                1         0.0002   
h2-16                     41        0.0085   
h2-17                     425       0.0881   
h2-fb                     14        0.0029   
h2c                       429       0.0889   
http                      2         0.0004   
http/1                    1         0.0002   
http/1.0                  12542     2.5998   
http/1.1                  201153    41.696   
http/1.1 Only             65149     13.5044  
http1.0                   8         0.0017   
http1.1                   8         0.0017   
https                     1         0.0002   
https Only                1         0.0002   
spdy                      2         0.0004   
spdy/2                    12495     2.59     
spdy/2 Only               3         0.0006   
spdy/3                    12697     2.6319   
spdy/3.1                  75687     15.6888  
spdy/3.1 Only             1         0.0002   
x-mod-spdy/0.9.4.1-146826 4         0.0008   
x-mod-spdy/0.9.4.1-1e75259 1         0.0002   
x-mod-spdy/0.9.4.1-51b34c6 1         0.0002   
x-mod-spdy/0.9.4.1-6bd08c0 1         0.0002   
x-mod-spdy/0.9.4.1-df466c5 1         0.0002   
x-mod-spdy/0.9.4.1-f7ff75d 1         0.0002   
x-mod-spdy/0.9.4.2-146826 2         0.0004   
x-mod-spdy/0.9.4.2-3a57358 1         0.0002   
x-mod-spdy/0.9.4.2-413    9         0.0019   
x-mod-spdy/0.9.4.2-414    1         0.0002   
x-mod-spdy/0.9.4.3-146826 272       0.0564   
x-mod-spdy/0.9.4.3-420    136       0.0282   

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               75715     15.6946  27.7667
DH,2018bits               2         0.0004   0.0007
DH,2048bits               174818    36.2372  64.1103
DH,2049bits               1         0.0002   0.0004
DH,2236bits               59        0.0122   0.0216
DH,2430bits               1         0.0002   0.0004
DH,2432bits               1         0.0002   0.0004
DH,3072bits               133       0.0276   0.0488
DH,3092bits               1         0.0002   0.0004
DH,4096bits               21746     4.5076   7.9748
DH,512bits                49        0.0102   0.018
DH,768bits                201       0.0417   0.0737
DH,8192bits               4         0.0008   0.0015
ECDH,B-571,570bits        4824      0.9999   1.0892
ECDH,P-192,192bits        58        0.012    0.0131
ECDH,P-224,224bits        51        0.0106   0.0115
ECDH,P-256,256bits        411706    85.3406  92.96
ECDH,P-384,384bits        12835     2.6605   2.898
ECDH,P-521,521bits        14684     3.0438   3.3155
Prefer DH,1024bits        24199     5.0161   8.8744
Prefer DH,2048bits        3764      0.7802   1.3804
Prefer DH,3072bits        10        0.0021   0.0037
Prefer DH,3092bits        1         0.0002   0.0004
Prefer DH,4096bits        333       0.069    0.1221
Prefer DH,768bits         14        0.0029   0.0051
Prefer ECDH,B-571,570bits 4672      0.9684   1.0549
Prefer ECDH,P-192,192bits 10        0.0021   0.0023
Prefer ECDH,P-224,224bits 49        0.0102   0.0111
Prefer ECDH,P-256,256bits 390580    80.9615  88.1899
Prefer ECDH,P-384,384bits 10759     2.2302   2.4293
Prefer ECDH,P-521,521bits 14306     2.9654   3.2302
Prefer PFS                448697    93.0083  0
Support PFS               466824    96.7657  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      2         0.0004   
None Only                 2         0.0004   
brainpoolP256r1           39004     8.085    
brainpoolP384r1           39017     8.0876   
brainpoolP512r1           39025     8.0893   
prime192v1                930       0.1928   
prime256v1                425105    88.118   
prime256v1 Only           341960    70.8833  
secp160k1                 825       0.171    
secp160r1                 833       0.1727   
secp160r2                 825       0.171    
secp192k1                 833       0.1727   
secp224k1                 875       0.1814   
secp224r1                 3637      0.7539   
secp224r1 Only            1         0.0002   
secp256k1                 40659     8.428    
secp384r1                 90837     18.8292  
secp384r1 Only            6969      1.4446   
secp521r1                 66202     13.7227  
secp521r1 Only            95        0.0197   
sect163k1                 826       0.1712   
sect163k1 Only            2         0.0004   
sect163r1                 823       0.1706   
sect163r2                 823       0.1706   
sect193r1                 822       0.1704   
sect193r2                 822       0.1704   
sect233k1                 867       0.1797   
sect233r1                 867       0.1797   
sect239k1                 866       0.1795   
sect283k1                 39836     8.2574   
sect283k1 Only            10        0.0021   
sect283r1                 39835     8.2572   
sect409k1                 39837     8.2576   
sect409r1                 39837     8.2576   
sect571k1                 39838     8.2578   
sect571r1                 39834     8.257    
server                    71932     14.9104  
server Only               71932     14.9104  

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          442726    91.7706  
unknown                        39701     8.2294   

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          70657     14.6462  
client                    16823     3.4872   
server                    355409    73.671   
unknown                   39538     8.1956   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     46542     9.6475   
ECDSA-SHA1 Only                3         0.0006   
ECDSA-SHA224                   46498     9.6383   
ECDSA-SHA256                   60721     12.5866  
ECDSA-SHA384                   60710     12.5843  
ECDSA-SHA512                   60715     12.5853  
ECDSA-SHA512 Only              23        0.0048   
RSA-MD5                        12854     2.6644   
RSA-SHA1                       386279    80.0699  
RSA-SHA1 Only                  17096     3.5437   
RSA-SHA224                     333642    69.1591  
RSA-SHA256                     375301    77.7944  
RSA-SHA256 Only                5470      1.1339   
RSA-SHA384                     347323    71.9949  
RSA-SHA384 Only                3         0.0006   
RSA-SHA512                     346444    71.8127  
RSA-SHA512 Only                139       0.0288   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         231514    47.9894  
indeterminate                  55        0.0114   
intolerant                     4751      0.9848   
order-fallback                 4         0.0008   
server                         200987    41.6616  
unsupported                    8457      1.753    

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     46464     9.6313   
ECDSA intolerant               266       0.0551   
ECDSA pfs-rsa-SHA512           14117     2.9262   
ECDSA soft-nopfs               7         0.0015   
RSA False                      12754     2.6437   
RSA SHA1                       338842    70.2369  
RSA intolerant                 40667     8.4297   
RSA pfs-ecdsa-SHA512           1023      0.2121   
RSA soft-nopfs                 247       0.0512   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     2857      0.5922   
insecure                  10034     2.0799   
secure                    469536    97.3279  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      3889      0.8061   
False                     2857      0.5922   
NONE                      475681    98.6017  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         1         0.0002   
1 only                    1         0.0002   
2                         1         0.0002   
2 only                    1         0.0002   
5                         3         0.0006   
5 only                    3         0.0006   
10                        6         0.0012   
10 only                   6         0.0012   
12                        1         0.0002   
12 only                   1         0.0002   
15                        5         0.001    
15 only                   5         0.001    
30                        15        0.0031   
30 only                   15        0.0031   
60                        127       0.0263   
60 only                   124       0.0257   
65                        2         0.0004   
65 only                   2         0.0004   
70                        5         0.001    
70 only                   3         0.0006   
100                       14        0.0029   
100 only                  14        0.0029   
120                       28        0.0058   
120 only                  26        0.0054   
128                       5         0.001    
128 only                  4         0.0008   
150                       8         0.0017   
150 only                  7         0.0015   
180                       65        0.0135   
180 only                  64        0.0133   
240                       12        0.0025   
240 only                  12        0.0025   
299                       2         0.0004   
300                       243644    50.5038  
300 only                  241822    50.1261  
360                       2         0.0004   
400                       4         0.0008   
400 only                  4         0.0008   
420                       92        0.0191   
420 only                  74        0.0153   
450                       1         0.0002   
450 only                  1         0.0002   
480                       7         0.0015   
480 only                  7         0.0015   
500                       6         0.0012   
500 only                  6         0.0012   
540                       2         0.0004   
540 only                  2         0.0004   
600                       28608     5.93     
600 only                  28528     5.9134   
660                       1         0.0002   
660 only                  1         0.0002   
720                       5         0.001    
720 only                  5         0.001    
840                       1         0.0002   
840 only                  1         0.0002   
900                       1292      0.2678   
900 only                  1280      0.2653   
960                       2         0.0004   
960 only                  2         0.0004   
1000                      3         0.0006   
1000 only                 3         0.0006   
1200                      2957      0.6129   
1200 only                 2954      0.6123   
1300                      1         0.0002   
1300 only                 1         0.0002   
1320                      1         0.0002   
1320 only                 1         0.0002   
1380                      1         0.0002   
1380 only                 1         0.0002   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      11        0.0023   
1500 only                 10        0.0021   
1800                      708       0.1468   
1800 only                 702       0.1455   
2100                      2         0.0004   
2100 only                 1         0.0002   
2400                      4         0.0008   
2400 only                 4         0.0008   
2700                      5         0.001    
2700 only                 5         0.001    
3000                      57        0.0118   
3000 only                 57        0.0118   
3600                      1504      0.3118   
3600 only                 1488      0.3084   
3840                      5         0.001    
3840 only                 3         0.0006   
4200                      2         0.0004   
4200 only                 2         0.0004   
4500                      1         0.0002   
4500 only                 1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      11        0.0023   
5400 only                 11        0.0023   
6000                      215       0.0446   
6000 only                 209       0.0433   
7200                      10847     2.2484   
7200 only                 10836     2.2461   
7500                      2         0.0004   
7500 only                 2         0.0004   
7680                      1         0.0002   
7680 only                 1         0.0002   
8100                      1         0.0002   
8100 only                 1         0.0002   
9000                      1         0.0002   
9000 only                 1         0.0002   
10800                     4327      0.8969   
10800 only                4310      0.8934   
14400                     289       0.0599   
14400 only                288       0.0597   
18000                     2         0.0004   
18000 only                2         0.0004   
21600                     4672      0.9684   
21600 only                4670      0.968    
28800                     2022      0.4191   
28800 only                2022      0.4191   
30000                     3         0.0006   
30000 only                2         0.0004   
36000                     1042      0.216    
36000 only                1038      0.2152   
43200                     40        0.0083   
43200 only                40        0.0083   
60000                     2         0.0004   
60000 only                2         0.0004   
61440                     1         0.0002   
61440 only                1         0.0002   
64800                     58896     12.2083  
64800 only                58890     12.207   
72000                     10        0.0021   
72000 only                10        0.0021   
79200                     1         0.0002   
79200 only                1         0.0002   
86400                     3021      0.6262   
86400 only                3008      0.6235   
100790                    2         0.0004   
100793                    1         0.0002   
100796                    3         0.0006   
100797                    3         0.0006   
100798                    10        0.0021   
100799                    3888      0.8059   
100800                    8558      1.7739   
100800 only               4651      0.9641   
108000                    1         0.0002   
108000 only               1         0.0002   
129600                    11        0.0023   
129600 only               11        0.0023   
172800                    23        0.0048   
172800 only               23        0.0048   
216000                    1         0.0002   
216000 only               1         0.0002   
259200                    2         0.0004   
259200 only               2         0.0004   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    2         0.0004   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
7776000                   1         0.0002   
7776000 only              1         0.0002   
15552000                  1         0.0002   
15552000 only             1         0.0002   
None                      111224    23.0551  
None only                 109197    22.6349  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      5288      1.0961   
ecdsa-with-SHA256         58040     12.0308  
sha1WithRSAEncryption     3212      0.6658   
sha256WithRSAEncryption   435297    90.2306  
sha384WithRSAEncryption   12        0.0025   
sha512WithRSAEncryption   75        0.0155   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 60794     12.6017  
ECDSA 384                 60        0.0124   
RSA 1024                  6         0.0012   
RSA 2048                  404003    83.7439  
RSA 2049                  3         0.0006   
RSA 2056                  1         0.0002   
RSA 2059                  1         0.0002   
RSA 2060                  1         0.0002   
RSA 2084                  1         0.0002   
RSA 2086                  1         0.0002   
RSA 2096                  1         0.0002   
RSA 2432                  5         0.001    
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3050                  1         0.0002   
RSA 3072                  167       0.0346   
RSA 3248                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  7         0.0015   
RSA 4086                  1         0.0002   
RSA 4092                  2         0.0004   
RSA 4094                  1         0.0002   
RSA 4095                  1         0.0002   
RSA 4096                  33612     6.9673   
RSA 8192                  10        0.0021   
RSA/ECDSA Dual Stack      16242     3.3667

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 114371    23.7074  
Unsupported               368056    76.2926  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      9683      2.0071
SSL2 Only                 1         0.0002
SSL3                      56963     11.8076
SSL3 Only                 169       0.035
SSL3 or TLS1 Only         26706     5.5358
SSL3 or lower Only        172       0.0357
TLS1                      470288    97.4838
TLS1 Only                 15792     3.2734
TLS1 or lower Only        35799     7.4206
TLS1.1                    438882    90.9738
TLS1.1 Only               38        0.0079
TLS1.1 or up Only         11843     2.4549
TLS1.2                    445757    92.3988
TLS1.2 Only               4695      0.9732
TLS1.2, 1.0 but not 1.1   2829      0.5864

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
ext:ALPN                                 5         0.001
ext:EtM                                  18        0.0037
ext:ext #38                              11        0.0023
ext:key share                            245       0.0508
ext:OCSP staple                          17        0.0035
ext:padding                              11        0.0023
ext:SNI                                  46        0.0095
last ext empty                           13        0.0027
more groups                              396       0.0821
more sigalgs                             413       0.0856
secure renego ext                        215       0.0446
secure renego scsv                       488       0.1012
size 65537                               5         0.001
size 65540                               71        0.0147
size 65541                               410       0.085
size 65544                               299       0.062
size 65545                               121       0.0251
size 66741                               25        0.0052
size 131073                              302       0.0626
size 131076                              134       0.0278
size #84 e/76                            63        0.0131
size #84 e/141                           15        0.0031
size #84 e/179                           7         0.0015
size #84 e/330                           200       0.0415
size #84 e/1356                          267       0.0553
size #84 e/1456                          5         0.001
size #84 e/2049                          133       0.0276
size #84 e/2053                          34        0.007
size #84 e/4076                          23        0.0048
size #84 e/4092                          1284      0.2662
size #84 e/4103                          9         0.0019
size #84 e/4229                          9         0.0019
size #84 e/8156                          5         0.001
size #84 e/8192                          6         0.0012
size #84 e/10095                         11        0.0023
size #84 e/10245                         3209      0.6652
size #84 e/11628                         6         0.0012
size #84 e/11634                         189       0.0392
size #84 e/12288                         32        0.0066
size #84 e/12305                         12        0.0025
size #84 e/13324                         7         0.0015
size #84 e/13451                         8         0.0017
size #84 e/13466                         8         0.0017
size #84 e/13474                         7         0.0015
size #84 e/13478                         8         0.0017
size #84 e/13479                         5         0.001
size #84 e/13480                         160       0.0332
size #84 e/13483                         8         0.0017
size #84 e/13834                         5         0.001
size #84 e/15142                         796       0.165
size #84 e/15180                         215       0.0446
size #84 e/16289                         45        0.0093
size #84 e/16353                         336       0.0696
size #84 e/16380                         29        0.006
size #84 e/16381                         5         0.001
size #84 e/16382                         493       0.1022
size #84 e/16383                         61        0.0126
size #84 e/16384                         87        0.018
size #84 e/16385                         19464     4.0346
size #84 e/16386                         20        0.0041
size #84 e/16387                         82        0.017
size #84 e/16388                         179       0.0371
size #84 e/16389                         340717    70.6256
size #84 e/16392                         102003    21.1437
size #84 e/16556                         14        0.0029
size #84 e/16562                         51        0.0106
size #84 e/16612                         17        0.0035
size #84 e/16628                         10        0.0021
size #84 e/16645                         76        0.0158
size #84 e/16740                         20        0.0041
size #84 e/17145                         20        0.0041
size #84 e/17146                         7         0.0015
size #84 e/17390                         26        0.0054
size #84 e/17468                         25        0.0052
size #84 e/17520                         5371      1.1133
size #84 e/17521                         48        0.0099
size #84 e/17522                         5         0.001
size #84 e/17523                         43        0.0089
size #84 e/17524                         6         0.0012
size #84 e/17526                         51        0.0106
size #84 e/17527                         12        0.0025
size #84 e/17529                         12        0.0025
size #84 e/17532                         59        0.0122
size #84 e/17533                         6         0.0012
size #84 e/17534                         11        0.0023
size #84 e/17535                         6         0.0012
size #84 e/17538                         5         0.001
size #84 e/17541                         8         0.0017
size #84 e/17544                         32        0.0066
size #84 e/17556                         5         0.001
size #84 e/17568                         7         0.0015
size #84 e/17676                         126       0.0261
size #84 e/17706                         10        0.0021
size #84 e/17928                         22        0.0046
size #84 e/18868                         6         0.0012
size #84 e/19464                         11        0.0023
size #84 e/20247                         8         0.0017
size #84 e/32773                         96        0.0199
size #84 e/49153                         26        0.0054
size #84 e/65536                         252       0.0522
size c#/12                               254       0.0527
size c#/22                               14        0.0029
size c#/129                              669       0.1387
size c#/201                              34        0.007
size c#/257                              271       0.0562
size c#/304                              7         0.0015
size c#/475                              13        0.0027
size c#/501                              111       0.023
size c#/612                              179       0.0371
size c#/614                              6         0.0012
size c#/653                              87        0.018
size c#/958                              9         0.0019
size c#/964                              8         0.0017
size c#/998                              31        0.0064
size c#/1000                             133       0.0276
size c#/1001                             11        0.0023
size c#/1972                             18        0.0037
size c#/1979                             8         0.0017
size c#/1980                             9         0.0019
size c#/1981                             17        0.0035
size c#/1982                             44        0.0091
size c#/1983                             42        0.0087
size c#/1984                             65        0.0135
size c#/1985                             92        0.0191
size c#/1986                             123       0.0255
size c#/1987                             116       0.024
size c#/1988                             94        0.0195
size c#/1989                             51        0.0106
size c#/1990                             25        0.0052
size c#/1991                             6         0.0012
size c#/2021                             590       0.1223
size c#/2027                             6         0.0012
size c#/4018                             7         0.0015
size c#/4019                             7         0.0015
size c#/4020                             12        0.0025
size c#/4021                             10        0.0021
size c#/4022                             15        0.0031
size c#/4023                             14        0.0029
size c#/4024                             5         0.001
size c#/4035                             94        0.0195
size c#/4088                             7         0.0015
size c#/4315                             5         0.001
size c#/5023                             11        0.0023
size c#/5075                             76        0.0158
size c#/5098                             3123      0.6474
size c#/5748                             6         0.0012
size c#/5751                             190       0.0394
size c#/6119                             30        0.0062
size c#/6127                             11        0.0023
size c#/6636                             6         0.0012
size c#/6699                             16        0.0033
size c#/6707                             17        0.0035
size c#/6711                             13        0.0027
size c#/6713                             13        0.0027
size c#/6714                             21        0.0044
size c#/6715                             115       0.0238
size c#/6946                             45        0.0093
size c#/6965                             50        0.0104
size c#/7083                             8         0.0017
size c#/7084                             7         0.0015
size c#/7085                             22        0.0046
size c#/7086                             39        0.0081
size c#/7087                             79        0.0164
size c#/7088                             128       0.0265
size c#/7089                             262       0.0543
size c#/7090                             302       0.0626
size c#/7091                             465       0.0964
size c#/7092                             535       0.1109
size c#/7093                             598       0.124
size c#/7094                             606       0.1256
size c#/7095                             447       0.0927
size c#/7096                             247       0.0512
size c#/7097                             96        0.0199
size c#/7098                             5         0.001
size c#/7103                             5         0.001
size c#/7104                             43        0.0089
size c#/7105                             2017      0.4181
size c#/7106                             114       0.0236
size c#/7107                             95540     19.804
size c#/7235                             9         0.0019
size c#/8107                             6         0.0012
size c#/8108                             10        0.0021
size c#/8109                             21        0.0044
size c#/8110                             59        0.0122
size c#/8111                             39        0.0081
size c#/8112                             23        0.0048
size c#/8113                             41        0.0085
size c#/8114                             28        0.0058
size c#/8115                             33        0.0068
size c#/8116                             27        0.0056
size c#/8117                             25        0.0052
size c#/8118                             20        0.0041
size c#/8119                             9         0.0019
size c#/8120                             71        0.0147
size c#/8121                             21        0.0044
size c#/8122                             19        0.0039
size c#/8123                             15        0.0031
size c#/8124                             19        0.0039
size c#/8125                             28        0.0058
size c#/8126                             5467      1.1332
size c#/8127                             106       0.022
size c#/8128                             4778      0.9904
size c#/8129                             443       0.0918
size c#/8130                             867       0.1797
size c#/8131                             1518      0.3147
size c#/8132                             2656      0.5505
size c#/8133                             4214      0.8735
size c#/8134                             6189      1.2829
size c#/8135                             8369      1.7348
size c#/8136                             9689      2.0084
size c#/8137                             8978      1.861
size c#/8138                             10764     2.2312
size c#/8139                             1705      0.3534
size c#/8140                             284       0.0589
size c#/8141                             17        0.0035
size c#/8142                             10        0.0021
size c#/8143                             16        0.0033
size c#/8144                             11        0.0023
size c#/8145                             4668      0.9676
size c#/8146                             32        0.0066
size c#/8147                             15987     3.3139
size c#/8152                             264       0.0547
size c#/8165                             13        0.0027
size c#/8166                             721       0.1495
size c#/8167                             83        0.0172
size c#/8168                             8366      1.7341
size c#/8169                             82        0.017
size c#/8170                             271954    56.3721
size c#/8171                             31        0.0064
size c#/8172                             44        0.0091
size c#/8173                             41        0.0085
size c#/8259                             7         0.0015
size c#/8298                             66        0.0137
size c#/15299                            6         0.0012
size c#/16362                            95        0.0197
size c#/24552                            26        0.0054
size c/74                                246       0.051
size c/139                               5         0.001
size c/308                               588       0.1219
size c/312                               78        0.0162
size c/452                               33        0.0068
size c/564                               201       0.0417
size c/568                               13        0.0027
size c/673                               9         0.0019
size c/676                               5         0.001
size c/1000                              15        0.0031
size c/1052                              68        0.0141
size c/1097                              12        0.0025
size c/1135                              29        0.006
size c/1356                              276       0.0572
size c/1456                              5         0.001
size c/2049                              164       0.034
size c/2052                              11        0.0023
size c/4076                              22        0.0046
size c/4092                              1311      0.2718
size c/4103                              14        0.0029
size c/8192                              6         0.0012
size c/8226                              7         0.0015
size c/10095                             11        0.0023
size c/10245                             3374      0.6994
size c/11628                             6         0.0012
size c/11634                             188       0.039
size c/12288                             32        0.0066
size c/12304                             11        0.0023
size c/13322                             5         0.001
size c/13448                             15        0.0031
size c/13464                             14        0.0029
size c/13472                             13        0.0027
size c/13476                             12        0.0025
size c/13478                             17        0.0035
size c/13479                             10        0.0021
size c/13480                             105       0.0218
size c/15360                             5         0.001
size c/16067                             45        0.0093
size c/16106                             50        0.0104
size c/16289                             45        0.0093
size c/16353                             384       0.0796
size c/16380                             12        0.0025
size c/16382                             59        0.0122
size c/16383                             110       0.0228
size c/16384                             100       0.0207
size c/16385                             22383     4.6397
size c/16386                             1236      0.2562
size c/16387                             145       0.0301
size c/16388                             160       0.0332
size c/16389                             440472    91.3033
size c/16392                             24        0.005
size c/16396                             5         0.001
size c/16400                             56        0.0116
size c/16401                             41        0.0085
size c/16408                             5201      1.0781
size c/16645                             82        0.017
size c/18502                             7         0.0015
size c/32773                             102       0.0211
size c/49153                             27        0.0056
size e#/2                                299       0.062
size e#/4                                7         0.0015
size e#/6                                14        0.0029
size e#/7                                35        0.0073
size e#/8                                7         0.0015
size e#/9                                15        0.0031
size e#/16                               55        0.0114
size e#/18                               12        0.0025
size e#/33                               10        0.0021
size e#/38                               265       0.0549
size e#/39                               7         0.0015
size e#/43                               9         0.0019
size e#/52                               29        0.006
size e#/256                              7         0.0015
size e#/260                              6         0.0012
size e#/303                              175       0.0363
size e#/322                              7         0.0015
size e#/337                              5         0.001
size e#/338                              8         0.0017
size e#/343                              9         0.0019
size e#/346                              5         0.001
size e#/491                              13        0.0027
size e#/494                              11        0.0023
size e#/497                              33        0.0068
size e#/983                              20        0.0041
size e#/985                              14        0.0029
size e#/986                              26        0.0054
size e#/987                              89        0.0184
size e#/988                              153       0.0317
size e#/989                              238       0.0493
size e#/990                              147       0.0305
size e#/991                              31        0.0064
size e#/1006                             597       0.1237
size e#/1009                             7         0.0015
size e#/1023                             6         0.0012
size e#/1534                             5         0.001
size e#/1875                             14        0.0029
size e#/1876                             23        0.0048
size e#/1877                             28        0.0058
size e#/1878                             6         0.0012
size e#/1881                             94        0.0195
size e#/1976                             11        0.0023
size e#/2014                             7         0.0015
size e#/2022                             8         0.0017
size e#/2030                             7         0.0015
size e#/2031                             5         0.001
size e#/2046                             58        0.012
size e#/2047                             11        0.0023
size e#/2049                             5         0.001
size e#/2152                             5         0.001
size e#/2532                             75        0.0155
size e#/2545                             3124      0.6476
size e#/2813                             5         0.001
size e#/2871                             6         0.0012
size e#/2872                             190       0.0394
size e#/2957                             5         0.001
size e#/3067                             6         0.0012
size e#/3068                             7         0.0015
size e#/3069                             66        0.0137
size e#/3070                             9         0.0019
size e#/3071                             11        0.0023
size e#/3201                             5         0.001
size e#/3323                             12        0.0025
size e#/3324                             16        0.0033
size e#/3337                             48        0.0099
size e#/3340                             13        0.0027
size e#/3346                             51        0.0106
size e#/3348                             13        0.0027
size e#/3352                             12        0.0025
size e#/3353                             151       0.0313
size e#/3380                             5         0.001
size e#/3407                             13        0.0027
size e#/3408                             75        0.0155
size e#/3409                             117       0.0243
size e#/3410                             360       0.0746
size e#/3411                             758       0.1571
size e#/3412                             1121      0.2324
size e#/3413                             1027      0.2129
size e#/3414                             309       0.0641
size e#/3415                             12        0.0025
size e#/3416                             1847      0.3829
size e#/3417                             95537     19.8034
size e#/3453                             8         0.0017
size e#/3547                             11        0.0023
size e#/3580                             53        0.011
size e#/3581                             34        0.007
size e#/3582                             6         0.0012
size e#/3708                             9         0.0019
size e#/3828                             7         0.0015
size e#/3832                             5         0.001
size e#/3836                             50        0.0104
size e#/3900                             6         0.0012
size e#/3964                             60        0.0124
size e#/3965                             8         0.0017
size e#/3996                             6         0.0012
size e#/4026                             6         0.0012
size e#/4028                             81        0.0168
size e#/4029                             7         0.0015
size e#/4052                             37        0.0077
size e#/4054                             10        0.0021
size e#/4055                             6         0.0012
size e#/4056                             25        0.0052
size e#/4057                             21        0.0044
size e#/4058                             76        0.0158
size e#/4059                             235       0.0487
size e#/4060                             11104     2.3017
size e#/4061                             6877      1.4255
size e#/4062                             6887      1.4276
size e#/4063                             14616     3.0297
size e#/4064                             18752     3.887
size e#/4065                             7264      1.5057
size e#/4066                             281       0.0582
size e#/4067                             4642      0.9622
size e#/4068                             15956     3.3074
size e#/4072                             264       0.0547
size e#/4075                             633       0.1312
size e#/4076                             81        0.0168
size e#/4077                             8         0.0017
size e#/4078                             49        0.0102
size e#/4079                             16        0.0033
size e#/4080                             7490      1.5526
size e#/4081                             265144    54.9604
size e#/7513                             6         0.0012
size e#/8177                             80        0.0166
size e#/12272                            21        0.0044
size e#/16367                            19        0.0039
size e/76                                62        0.0129
size e/141                               17        0.0035
size e/179                               6         0.0012
size e/256                               126       0.0261
size e/307                               7         0.0015
size e/364                               5         0.001
size e/382                               6         0.0012
size e/384                               61        0.0126
size e/388                               5         0.001
size e/416                               5         0.001
size e/511                               125       0.0259
size e/554                               5         0.001
size e/640                               466       0.0966
size e/1356                              272       0.0564
size e/1456                              5         0.001
size e/1987                              199       0.0412
size e/2049                              163       0.0338
size e/2053                              34        0.007
size e/2783                              13        0.0027
size e/4076                              23        0.0048
size e/4092                              1314      0.2724
size e/4103                              14        0.0029
size e/8156                              7         0.0015
size e/8192                              6         0.0012
size e/8229                              5         0.001
size e/8280                              10        0.0021
size e/10095                             11        0.0023
size e/10245                             3378      0.7002
size e/11628                             6         0.0012
size e/11634                             188       0.039
size e/12288                             33        0.0068
size e/12305                             10        0.0021
size e/13324                             11        0.0023
size e/13451                             11        0.0023
size e/13466                             12        0.0025
size e/13474                             7         0.0015
size e/13478                             7         0.0015
size e/13480                             170       0.0352
size e/15142                             796       0.165
size e/15180                             213       0.0442
size e/16067                             45        0.0093
size e/16106                             50        0.0104
size e/16289                             45        0.0093
size e/16353                             383       0.0794
size e/16380                             25        0.0052
size e/16382                             53        0.011
size e/16383                             89        0.0184
size e/16384                             103       0.0214
size e/16385                             22302     4.6229
size e/16386                             80        0.0166
size e/16387                             119       0.0247
size e/16388                             258       0.0535
size e/16389                             439894    91.1835
size e/16392                             15        0.0031
size e/16556                             12        0.0025
size e/16562                             50        0.0104
size e/16612                             19        0.0039
size e/16628                             10        0.0021
size e/16645                             85        0.0176
size e/16740                             22        0.0046
size e/17145                             18        0.0037
size e/17148                             6         0.0012
size e/17390                             26        0.0054
size e/17468                             27        0.0056
size e/17520                             5372      1.1135
size e/17521                             44        0.0091
size e/17522                             6         0.0012
size e/17523                             51        0.0106
size e/17524                             8         0.0017
size e/17526                             63        0.0131
size e/17527                             8         0.0017
size e/17529                             7         0.0015
size e/17532                             60        0.0124
size e/17533                             6         0.0012
size e/17534                             5         0.001
size e/17535                             5         0.001
size e/17541                             8         0.0017
size e/17544                             30        0.0062
size e/17550                             6         0.0012
size e/17673                             6         0.0012
size e/17676                             127       0.0263
size e/17677                             5         0.001
size e/17706                             9         0.0019
size e/17736                             6         0.0012
size e/17928                             14        0.0029
size e/18502                             7         0.0015
size e/18868                             5         0.001
size e/19464                             9         0.0019
size e/22536                             7         0.0015
size e/32773                             102       0.0211
size e/49153                             27        0.0056
SSL 3.254                                8144      1.6881
SSL 4.0                                  11051     2.2907
SSL 4.3                                  10700     2.218
SSL 255.255                              10746     2.2275
TLS 1.0                                  11373     2.3575
TLS 1.1                                  4323      0.8961
TLS 1.2                                  10        0.0021
TLS 1.3                                  4375      0.9069
TLS 1.4                                  4750      0.9846

Implementation families                               Count       Percent
-----------------------------------------------------+-----------+-------
65540                                              66        0.0137
65541                                              410       0.085
65544                                              298       0.0618
65545                                              121       0.0251
131076                                             119       0.0247
c/308 c#/129 TLS_1.3+                              585       0.1213
c/312 c#/129 TLS_1.3+                              15        0.0031
c/564 c#/257 TLS_1.3+                              11        0.0023
c/568 c#/257 TLS_1.3+                              13        0.0027
c/1000 c#/475 TLS_1.3+                             13        0.0027
e#/38 131073                                       20        0.0041
e#/38 SSL_3.254 SSL_255.255 131073                 16        0.0033
e#/38 SSL_4.0 131073                               200       0.0415
e#/38 SSL_4.0 SSL_3.254 SSL_255.255 131073         18        0.0037
e#/39 SSL_4.0 131073                               7         0.0015
e#/43 SSL_4.0 131073                               6         0.0012
e#/52 SSL_4.0 131073                               24        0.005
e/76 e/384 e#/2 c/74 c#/12 SSL_3.254 #84_e/76      7         0.0015
e/76 e/640 e#/2 c/74 c#/12 #84_e/76                5         0.001
e/76 e/640 e#/2 c/16383 #84_e/76                   8         0.0017
e/384 e/16389 e#/4081 c/16389 #84_e/16389          9         0.0019
e/511 e/256 e/10095 c/10095 #84_e/10095            11        0.0023
e/640 e/141 e#/6 c/16389 #84_e/141                 5         0.001
e/640 e/16389 e#/4081 c/16389 #84_e/16389          5         0.001
e/1356 c/1356 c#/653 SSL_4.0+ #84_e/1356           64        0.0133
e/1356 c/1356 c#/653 TLS_1.3+ #84_e/1356           17        0.0035
e/1356 e#/303 c/1356 c#/612 #84_e/1356             159       0.033
e/2049 c/2049 c#/998 TLS_1.3+ #84_e/16382          18        0.0037
e/2049 c/2049 c#/1000 TLS_1.3+ #84_e/2049          130       0.0269
e/2049 e#/491 c/2049 c#/998 TLS_1.3+ #84_e/16382   13        0.0027
e/2053 e#/497 c/452 c#/201 SSL_4.0+ #84_e/2053     33        0.0068
e/4076 e#/983 c/4076 c#/1972 #84_e/4076            18        0.0037
e/4092 e#/343 c/4092 c#/958 #84_e/16382            9         0.0019
e/4092 e#/985 c/4092 c#/1979 #84_e/4092            8         0.0017
e/4092 e#/986 c/4092 c#/1980 #84_e/4092            9         0.0019
e/4092 e#/986 c/4092 c#/1981 #84_e/4092            17        0.0035
e/4092 e#/987 c/4092 c#/1982 #84_e/4092            43        0.0089
e/4092 e#/987 c/4092 c#/1983 #84_e/4092            42        0.0087
e/4092 e#/988 c/4092 c#/1984 #84_e/4092            64        0.0133
e/4092 e#/988 c/4092 c#/1985 #84_e/4092            88        0.0182
e/4092 e#/989 c/4092 c#/1986 #84_e/4092            122       0.0253
e/4092 e#/989 c/4092 c#/1987 #84_e/4092            115       0.0238
e/4092 e#/990 c/4092 c#/1988 #84_e/4092            93        0.0193
e/4092 e#/990 c/4092 c#/1989 #84_e/4092            51        0.0106
e/4092 e#/991 c/4092 c#/1990 #84_e/4092            24        0.005
e/4092 e#/991 c/4092 c#/1991 #84_e/4092            6         0.0012
e/4092 e#/1006 c/4092 c#/2021 #84_e/4092           586       0.1215
e/4103 e#/346 c/4103 c#/964 #84_e/16382            5         0.001
e/4103 e#/1009 c/4103 c#/2027 #84_e/4103           6         0.0012
e/8280 e#/4060 c/16385 #84_e/4229                  9         0.0019
e/10245 e#/1875 c/10245 c#/4018 SSL_3.254 #84_e/16382 7         0.0015
e/10245 e#/1875 c/10245 c#/4019 SSL_3.254 #84_e/16382 6         0.0012
e/10245 e#/1876 c/10245 c#/4020 SSL_3.254 #84_e/16382 8         0.0017
e/10245 e#/1876 c/10245 c#/4021 SSL_3.254 #84_e/16382 10        0.0021
e/10245 e#/1877 c/10245 c#/4022 SSL_3.254 #84_e/16382 14        0.0029
e/10245 e#/1877 c/10245 c#/4023 SSL_3.254 #84_e/16382 12        0.0025
e/10245 e#/1881 c/10245 c#/4035 #84_e/16382        94        0.0195
e/10245 e#/2532 c/10245 #84_e/10245                74        0.0153
e/10245 e#/2545 c/10245 #84_e/10245                370       0.0767
e/10245 e#/2545 c/10245 SSL_3.254 #84_e/10245      2749      0.5698
e/11628 e#/2871 c/11628 #84_e/11628                6         0.0012
e/11634 e#/2872 c/11634 #84_e/11634                188       0.039
e/13480 e#/3348 c/13480 #84_e/13480                5         0.001
e/13480 e#/3353 c/13448 #84_e/13480                5         0.001
e/13480 e#/3353 c/13478 #84_e/13480                8         0.0017
e/13480 e#/3353 c/13480 #84_e/13480                24        0.005
e/15142 e#/4067 c/16385 #84_e/15142                19        0.0039
e/15142 e#/4068 c/16389 #84_e/15142                776       0.1609
e/15180 e#/4060 c/16385 #84_e/15180                97        0.0201
e/15180 e#/4060 c/16408 #84_e/15180                111       0.023
e/16067 e#/3337 c/16067 #84_e/16382                44        0.0091
e/16106 e#/3346 c/16106 #84_e/16382                50        0.0104
e/16289 c/16289 SSL_4.0+ #84_e/16289               45        0.0093
e/16353 e#/3408 c/16353 #84_e/16382                39        0.0081
e/16353 e#/4052 c/16353 #84_e/16353                32        0.0066
e/16353 e#/4054 c/16353 #84_e/16353                8         0.0017
e/16353 e#/4055 c/16353 #84_e/16353                5         0.001
e/16353 e#/4056 c/16353 #84_e/16353                6         0.0012
e/16353 e#/4059 c/16353 #84_e/16353                17        0.0035
e/16353 e#/4072 c/16353 #84_e/16353                232       0.0481
e/16353 e#/4072 c/16353 SSL_4.0+ #84_e/16353       7         0.0015
e/16353 e#/4072 c/16353 TLS_1.3+ #84_e/16353       13        0.0027
e/16380 e#/494 c/2052 c#/1001 #84_e/16380          11        0.0023
e/16380 e#/4078 c/16380 #84_e/16380                11        0.0023
e/16382 e#/4081 c/16389 #84_e/16382                7         0.0015
e/16382 e#/4081 c/16389 #84_e/16389                12        0.0025
e/16383 e#/3408 c/16383 #84_e/16392                7         0.0015
e/16383 e#/4078 c/16383 #84_e/16383                29        0.006
e/16384 e#/4060 c/16384 #84_e/16384                33        0.0068
e/16384 e#/4067 c/16384 #84_e/16384                12        0.0025
e/16385 c/16385 #84_e/16385                        250       0.0518
e/16385 c/16385 SSL_4.0+ #84_e/16385               114       0.0236
e/16385 c/16385 SSL_4.0+ #84_e/16392               75        0.0155
e/16385 c/16385 TLS_1.3+ #84_e/16385               516       0.107
e/16385 c/16385 TLS_1.3+ #84_e/16392               123       0.0255
e/16385 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 166       0.0344
e/16385 e#/3410 c/16385 #84_e/16392                9         0.0019
e/16385 e#/3410 c/16385 TLS_1.3+ #84_e/16392       16        0.0033
e/16385 e#/3411 c/16385 #84_e/16392                8         0.0017
e/16385 e#/3411 c/16385 TLS_1.3+ #84_e/16392       16        0.0033
e/16385 e#/3412 c/16385 #84_e/16392                8         0.0017
e/16385 e#/3412 c/16385 #84_e/65536                5         0.001
e/16385 e#/3412 c/16385 TLS_1.3+ #84_e/16392       15        0.0031
e/16385 e#/3413 c/16385 #84_e/16392                5         0.001
e/16385 e#/3413 c/16385 TLS_1.3+ #84_e/16392       16        0.0033
e/16385 e#/3416 c/16383 SSL_4.0+ #84_e/16392       9         0.0019
e/16385 e#/3416 c/16385 #84_e/16392                319       0.0661
e/16385 e#/3416 c/16385 #84_e/65536                209       0.0433
e/16385 e#/3416 c/16385 SSL_4.0+ #84_e/16392       1084      0.2247
e/16385 e#/3416 c/16386 SSL_4.0+ #84_e/16392       51        0.0106
e/16385 e#/3416 c/16387 SSL_4.0+ #84_e/16392       60        0.0124
e/16385 e#/3416 c/16389 SSL_4.0+ #84_e/16392       6         0.0012
e/16385 e#/3417 c/16385 SSL_4.0+ #84_e/16392       144       0.0298
e/16385 e#/3417 c/16386 SSL_4.0+ #84_e/16392       14        0.0029
e/16385 e#/3417 c/16387 SSL_4.0+ #84_e/16392       12        0.0025
e/16385 e#/3547 c/16385 #84_e/16392                9         0.0019
e/16385 e#/4057 c/16385 #84_e/16385                6         0.0012
e/16385 e#/4058 c/16385 #84_e/16385                30        0.0062
e/16385 e#/4058 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 6         0.0012
e/16385 e#/4059 c/16385 #84_e/16385                60        0.0124
e/16385 e#/4059 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 16        0.0033
e/16385 e#/4060 c/1135 c#/501 #84_e/16385          5         0.001
e/16385 e#/4060 c/16385 #84_e/16385                5165      1.0706
e/16385 e#/4060 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 18        0.0037
e/16385 e#/4061 c/16385 #84_e/16385                264       0.0547
e/16385 e#/4061 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 8         0.0017
e/16385 e#/4062 c/16385 #84_e/16385                570       0.1182
e/16385 e#/4063 c/16385 #84_e/16385                628       0.1302
e/16385 e#/4064 c/16385 #84_e/16385                274       0.0568
e/16385 e#/4065 c/16385 #84_e/16385                21        0.0044
e/16385 e#/4067 c/16385 #84_e/16385                4582      0.9498
e/16385 e#/4075 c/16385 #84_e/16385                14        0.0029
e/16385 e#/4075 c/16385 TLS_1.3+ #84_e/16392       578       0.1198
e/16385 e#/4080 c/564 c#/257 #84_e/16385           54        0.0112
e/16385 e#/4080 c/1052 c#/501 #84_e/16385          6         0.0012
e/16385 e#/4080 c/16385 #84_e/16385                4074      0.8445
e/16385 e#/4080 c/16385 SSL_4.0+ #84_e/16385       337       0.0699
e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385       1916      0.3972
e/16385 e#/4080 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 142       0.0294
e/16385 e#/4081 c/16385 SSL_4.0+ #84_e/16385       5         0.001
e/16385 e#/4081 c/16389 #84_e/16385                13        0.0027
e/16386 e#/3416 c/16385 SSL_4.0+ #84_e/16392       37        0.0077
e/16386 e#/3417 c/16385 SSL_4.0+ #84_e/16392       7         0.0015
e/16387 e#/4068 c/16385 #84_e/16387                5         0.001
e/16387 e#/4068 c/16388 #84_e/16389                5         0.001
e/16387 e#/4081 c/16389 #84_e/16389                19        0.0039
e/16388 e#/3416 c/16385 SSL_4.0+ #84_e/16392       40        0.0083
e/16388 e#/3416 c/16387 SSL_4.0+ #84_e/16392       5         0.001
e/16388 e#/3417 c/16385 SSL_4.0+ #84_e/16392       7         0.0015
e/16388 e#/3417 c/16388 #84_e/16392                5         0.001
e/16388 e#/3417 c/16389 #84_e/16392                6         0.0012
e/16388 e#/4068 c/16389 #84_e/16389                9         0.0019
e/16388 e#/4081 c/16386 #84_e/16388                11        0.0023
e/16388 e#/4081 c/16389 #84_e/16388                13        0.0027
e/16388 e#/4081 c/16389 #84_e/16389                19        0.0039
e/16389 c/564 c#/257 SSL_4.0+ #84_e/16389          5         0.001
e/16389 c/16389 #84_e/16389                        4301      0.8915
e/16389 c/16389 #84_e/16392                        44        0.0091
e/16389 c/16389 SSL_4.0+ #84_e/16389               2022      0.4191
e/16389 c/16389 SSL_4.0+ #84_e/16392               36        0.0075
e/16389 c/16389 TLS_1.3+ #84_e/16389               91        0.0189
e/16389 c/16389 TLS_1.3+ #84_e/16392               26        0.0054
e/16389 e#/2 c/16389 #84_e/16389                   36        0.0075
e/16389 e#/7 c/16389 #84_e/16389                   29        0.006
e/16389 e#/16 c/16389 #84_e/16392                  39        0.0081
e/16389 e#/18 c/16389 #84_e/16392                  7         0.0015
e/16389 e#/256 c/16389 #84_e/16389                 5         0.001
e/16389 e#/260 c/16389 #84_e/16392                 6         0.0012
e/16389 e#/1976 c/16389 #84_e/16392                10        0.0021
e/16389 e#/2046 c/16389 #84_e/16389                40        0.0083
e/16389 e#/2047 c/16389 #84_e/16389                7         0.0015
e/16389 e#/3069 c/16389 #84_e/16389                40        0.0083
e/16389 e#/3070 c/16389 #84_e/16389                5         0.001
e/16389 e#/3071 c/16389 #84_e/16389                5         0.001
e/16389 e#/3201 c/16389 #84_e/16392                5         0.001
e/16389 e#/3323 c/16389 #84_e/16392                7         0.0015
e/16389 e#/3407 c/16389 #84_e/16392                11        0.0023
e/16389 e#/3408 c/16389 #84_e/16392                26        0.0054
e/16389 e#/3409 c/16389 #84_e/16392                111       0.023
e/16389 e#/3410 c/16389 #84_e/16392                332       0.0688
e/16389 e#/3411 c/16389 #84_e/16392                731       0.1515
e/16389 e#/3412 c/16389 #84_e/16392                1091      0.2261
e/16389 e#/3413 c/16389 #84_e/16392                1001      0.2075
e/16389 e#/3414 c/16389 #84_e/16392                307       0.0636
e/16389 e#/3415 c/16389 #84_e/16392                8         0.0017
e/16389 e#/3416 c/16389 #84_e/16392                11        0.0023
e/16389 e#/3417 c/16382 #84_e/16392                5         0.001
e/16389 e#/3417 c/16383 #84_e/16392                10        0.0021
e/16389 e#/3417 c/16388 #84_e/16392                7         0.0015
e/16389 e#/3417 c/16389 #84_e/16392                95179     19.7292
e/16389 e#/3417 c/16389 SSL_4.0+ #84_e/16392       37        0.0077
e/16389 e#/3580 c/16389 #84_e/16389                30        0.0062
e/16389 e#/3581 c/16389 #84_e/16389                5         0.001
e/16389 e#/3836 c/16389 #84_e/16389                36        0.0075
e/16389 e#/3900 c/16389 #84_e/16389                6         0.0012
e/16389 e#/3964 c/16389 #84_e/16389                39        0.0081
e/16389 e#/3965 c/16389 #84_e/16389                6         0.0012
e/16389 e#/4028 c/16389 #84_e/16389                50        0.0104
e/16389 e#/4029 c/16389 #84_e/16389                5         0.001
e/16389 e#/4056 c/16389 #84_e/16389                5         0.001
e/16389 e#/4057 c/16389 #84_e/16389                11        0.0023
e/16389 e#/4058 c/16389 #84_e/16389                32        0.0066
e/16389 e#/4059 c/16389 #84_e/16389                126       0.0261
e/16389 e#/4060 c/16389 #84_e/16389                521       0.108
e/16389 e#/4061 c/673 c#/257 #84_e/16389           5         0.001
e/16389 e#/4061 c/16389 #84_e/16389                6509      1.3492
e/16389 e#/4062 c/16389 #84_e/16389                6190      1.2831
e/16389 e#/4063 c/16389 #84_e/16389                13862     2.8734
e/16389 e#/4064 c/16389 #84_e/16389                18393     3.8126
e/16389 e#/4065 c/16389 #84_e/16389                7235      1.4997
e/16389 e#/4066 c/16389 #84_e/16389                278       0.0576
e/16389 e#/4067 c/16389 #84_e/16389                5         0.001
e/16389 e#/4068 c/1097 c#/501 #84_e/16389          10        0.0021
e/16389 e#/4068 c/16387 #84_e/16389                5         0.001
e/16389 e#/4068 c/16388 #84_e/16389                9         0.0019
e/16389 e#/4068 c/16389 #84_e/16388                12        0.0025
e/16389 e#/4068 c/16389 #84_e/16389                15024     3.1143
e/16389 e#/4076 c/16389 #84_e/16389                42        0.0087
e/16389 e#/4076 c/16389 #84_e/16392                14        0.0029
e/16389 e#/4077 c/16389 #84_e/16389                7         0.0015
e/16389 e#/4079 c/16389 #84_e/16389                7         0.0015
e/16389 e#/4080 c/16386 #84_e/16389                16        0.0033
e/16389 e#/4080 c/16386 TLS_1.3+ #84_e/16389       15        0.0031
e/16389 e#/4080 c/16389 #84_e/16389                47        0.0097
e/16389 e#/4081 c/564 c#/257 #84_e/16389           107       0.0222
e/16389 e#/4081 c/1052 c#/501 #84_e/16389          45        0.0093
e/16389 e#/4081 c/16382 #84_e/16389                30        0.0062
e/16389 e#/4081 c/16386 #84_e/16389                29        0.006
e/16389 e#/4081 c/16388 #84_e/16389                22        0.0046
e/16389 e#/4081 c/16389 #84_e/16382                13        0.0027
e/16389 e#/4081 c/16389 #84_e/16387                16        0.0033
e/16389 e#/4081 c/16389 #84_e/16388                20        0.0041
e/16389 e#/4081 c/16389 #84_e/16389                263153    54.5477
e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389       1304      0.2703
e/16389 e#/4081 c/16389 TLS_1.3+ #84_e/16389       33        0.0068
e/16392 e#/16367 c/16392 #84_e/16392               13        0.0027
e/16556 e#/4080 c/16386 #84_e/16556                12        0.0025
e/16562 e#/4060 c/16408 #84_e/16562                34        0.007
e/16562 e#/4080 c/16386 #84_e/16562                12        0.0025
e/16612 e#/3581 c/16408 #84_e/16612                16        0.0033
e/16645 c/16645 #84_e/16645                        64        0.0133
e/16645 c/16645 #84_e/65536                        8         0.0017
e/16645 c/16645 SSL_4.0+ #84_e/16645               7         0.0015
e/16740 e#/4060 c/16408 #84_e/16740                16        0.0033
e/17145 e#/4060 c/16408 #84_e/17145                6         0.0012
e/17145 e#/4080 c/16386 #84_e/17145                6         0.0012
e/17390 e#/4060 c/16408 #84_e/17390                12        0.0025
e/17390 e#/4080 c/16386 #84_e/17390                12        0.0025
e/17468 e#/4060 c/16408 #84_e/17468                14        0.0029
e/17468 e#/4080 c/16386 #84_e/17468                11        0.0023
e/17520 e#/4060 c/1135 c#/501 #84_e/17520          7         0.0015
e/17520 e#/4060 c/16385 #84_e/17520                6         0.0012
e/17520 e#/4060 c/16392 #84_e/17520                6         0.0012
e/17520 e#/4060 c/16396 #84_e/17520                5         0.001
e/17520 e#/4060 c/16408 #84_e/17520                4105      0.8509
e/17520 e#/4060 c/16408 #84_e/17521                29        0.006
e/17520 e#/4060 c/16408 #84_e/17523                20        0.0041
e/17520 e#/4060 c/16408 #84_e/17526                23        0.0048
e/17520 e#/4060 c/16408 #84_e/17532                31        0.0064
e/17520 e#/4060 c/16408 #84_e/17544                17        0.0035
e/17520 e#/4060 c/16408 #84_e/17928                5         0.001
e/17520 e#/4060 c/16408 #84_e/19464                5         0.001
e/17520 e#/4061 c/16385 #84_e/17520                20        0.0041
e/17520 e#/4061 c/16386 #84_e/17520                12        0.0025
e/17520 e#/4061 c/16400 #84_e/17520                11        0.0023
e/17520 e#/4061 c/16401 #84_e/17520                8         0.0017
e/17520 e#/4062 c/16385 #84_e/17520                38        0.0079
e/17520 e#/4062 c/16386 #84_e/17520                21        0.0044
e/17520 e#/4062 c/16400 #84_e/17520                18        0.0037
e/17520 e#/4062 c/16401 #84_e/17520                9         0.0019
e/17520 e#/4063 c/16385 #84_e/17520                33        0.0068
e/17520 e#/4063 c/16386 #84_e/17520                41        0.0085
e/17520 e#/4063 c/16400 #84_e/17520                9         0.0019
e/17520 e#/4063 c/16401 #84_e/17520                5         0.001
e/17520 e#/4064 c/16385 #84_e/17520                11        0.0023
e/17520 e#/4064 c/16386 #84_e/17520                40        0.0083
e/17520 e#/4064 c/16400 #84_e/17520                5         0.001
e/17520 e#/4064 c/16401 #84_e/17520                7         0.0015
e/17520 e#/4075 c/16386 #84_e/17520                27        0.0056
e/17520 e#/4080 c/564 c#/257 #84_e/17520           6         0.0012
e/17520 e#/4080 c/16386 #84_e/17520                662       0.1372
e/17521 e#/4060 c/16408 #84_e/17520                26        0.0054
e/17523 e#/4060 c/16408 #84_e/17520                24        0.005
e/17526 e#/4060 c/16408 #84_e/17520                28        0.0058
e/17532 e#/4060 c/16408 #84_e/17520                27        0.0056
e/17532 e#/4060 c/16408 #84_e/17521                5         0.001
e/17544 e#/4060 c/16408 #84_e/17520                17        0.0035
e/17544 e#/4080 c/16386 #84_e/17520                5         0.001
e/17550 e#/4060 c/16408 #84_e/17520                5         0.001
e/17676 e#/4060 c/1135 c#/501 #84_e/17676          6         0.0012
e/17676 e#/4060 c/16408 #84_e/17676                80        0.0166
e/17676 e#/4080 c/16386 #84_e/17676                26        0.0054
e/17706 e#/4060 c/16408 #84_e/17706                6         0.0012
e/17928 e#/4060 c/16408 #84_e/17520                8         0.0017
e/32773 c/32773 SSL_4.0 #84_e/32773                13        0.0027
e/32773 e#/7513 c/32773 SSL_4.0 #84_e/65536        6         0.0012
e/32773 e#/8177 c/32773 #84_e/32773                43        0.0089
e/32773 e#/8177 c/32773 SSL_4.0 #84_e/32773        37        0.0077
e/49153 c/49153 #84_e/49153                        5         0.001
e/49153 e#/12272 c/49153 #84_e/49153               21        0.0044
ext:OCSP_staple e/16389 e#/4081 c/16389 #84_e/16389 12        0.0025
ext:SNI e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385 6         0.0012
ext:SNI e/16389 e#/3417 c/16389 #84_e/16392        39        0.0081
more_groups e/16389 e#/4081 c/16389 #84_e/16389    22        0.0046
more_sigalgs 131076                                14        0.0029
more_sigalgs e/16389 e#/4081 c/16389 #84_e/16389   11        0.0023
secure_renego_ext c/312 c#/129 TLS_1.3+            63        0.0131
secure_renego_ext e/12288 c/12288 #84_e/12288      30        0.0062
secure_renego_ext e/16389 c/16389 #84_e/16389      10        0.0021
secure_renego_scsv e/16385 e#/4081 c/16385 #84_e/16385 6         0.0012
secure_renego_scsv e/16389 e#/3417 c/16389 #84_e/16392 16        0.0033
secure_renego_scsv e/16389 e#/4081 c/16389 #84_e/16389 16        0.0033
secure_renego_scsv e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389 15        0.0031
secure_renego_scsv more_sigalgs more_groups ext:key_share e/76 e/640 e#/2 c/74 c#/12 SSL_3.254 #84_e/76 24        0.005
secure_renego_scsv more_sigalgs more_groups ext:key_share e/640 e/1987 e#/2 c/74 c#/12 SSL_3.254 #84_e/330 195       0.0404
secure_renego_scsv SSL_4.0+                        9         0.0019
secure_renego_scsv SSL_4.0+ SSL_3.254              17        0.0035
SSL_4.0+                                           9         0.0019
SSL_4.0+ SSL_3.254                                 217       0.045
TLS_1.3+ 66741                                     25        0.0052



Statistics from 364503 chains provided by 573879 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  333957    58.1929
incomplete                9677      1.6862
untrusted                 230245    40.1208

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0003
3                         360103    98.7929
4                         4392      1.2049
5                         7         0.0019

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 53125     
ECDSA 384                 51643     
RSA 1024                  1         
RSA 2048                  509462    
RSA 4096                  119180    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 53125     14.5746
ECDSA 384                 51643     14.1681
RSA 1024                  1         0.0003
RSA 2048                  312575    85.7538
RSA 4096                  118737    32.575

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              51621     
sha1WithRSAEncryption          2434      
sha256WithRSAEncryption        209418    
sha384WithRSAEncryption        105391    
sha512WithRSAEncryption        44        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        2413      0.662
112                       310443    85.1688
128                       51647     14.1692

Most popular root CAs                         Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 93195     25.5677
(eed8c118) COMODO ECC Certification Authority 51620     14.1617
(2c543cd1) GeoTrust Global CA                 50578     13.8759
(cbf06781) Go Daddy Root Certificate Authorit 28160     7.7256
(5ad8a5d6) GlobalSign Root CA                 25507     6.9977
(244b5494) DigiCert High Assurance EV Root CA 15811     4.3377
(b204d74a) VeriSign Class 3 Public Primary Ce 15518     4.2573
(fc5a8f99) USERTrust RSA Certification Author 12127     3.327
(2e4eed3c) thawte Primary Root CA             8790      2.4115
(4bfab552) Starfield Root Certificate Authori 7562      2.0746
(3513523f) DigiCert Global Root CA            7329      2.0107
(ae8153b9) StartCom Certification Authority   5515      1.513
(653b494a) Baltimore CyberTrust Root          5342      1.4656
(e2799e36) GeoTrust Primary Certification Aut 4628      1.2697
(ba89ed3b) thawte Primary Root CA - G3        3757      1.0307
(480720ec) GeoTrust Primary Certification Aut 3717      1.0197

Most popular intermediate CA                  Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 64697     17.7494
(6cfa716c) COMODO ECC Domain Validation Secur 51580     14.1508
(27eb7704) Go Daddy Secure Certificate Author 28160     7.7256
(53f3e569) RapidSSL SHA256 CA - G3            17901     4.9111
(80ecc636) RapidSSL SHA256 CA                 16945     4.6488
(38ae8eda) DigiCert SHA2 High Assurance Serve 13587     3.7275
(7d9c641e) Symantec Class 3 Secure Server CA  10238     2.8088
(16744f0c) AlphaSSL CA - SHA256 - G2          9722      2.6672
(493a2f06) COMODO RSA Domain Validation Secur 9529      2.6142
(b85455c4) GlobalSign Organization Validation 8847      2.4271
(1400f578) cPanel, Inc. Certification Authori 8781      2.409
(10310d4b) GeoTrust SSL CA - G3               8641      2.3706
(cd7781e5) Starfield Secure Certificate Autho 7562      2.0746
(c43a77d9) COMODO RSA Organization Validation 7530      2.0658
(85cf5865) DigiCert SHA2 Secure Server CA     7313      2.0063
(d7d634d4) GlobalSign Domain Validation CA -  7173      1.9679
(fd917e82) SecureCore RSA DV CA               5608      1.5385
(9ad474ec) thawte SSL CA - G2                 4708      1.2916
(98d7cad7) GeoTrust DV SSL CA - G3            4373      1.1997
(b71a5f76) GeoTrust EV SSL CA - G4            3717      1.0197

Scan performed between 6th of December 2016 and 3rd of January 2017.

October 2016 scan results

 
SSL/TLS survey of 610687 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      509758    83.4729
3DES Only                 418       0.0684
3DES Preferred            1287      0.2107
3DES forced in TLS1.1+    774       0.1267
AES                       607680    99.5076
AES Only                  58200     9.5303
AES-CBC                   607095    99.4118
AES-CBC Only              4370      0.7156
AES-GCM                   535745    87.7282
AES-GCM Only              542       0.0888
CAMELLIA                  266553    43.6481
CAMELLIA Only             1         0.0002
CHACHA20                  95696     15.6702
CHACHA20 Only             4         0.0007
Insecure                  43104     7.0583
RC4                       133182    21.8086
RC4 Only                  87        0.0142
RC4 Preferred             9601      1.5722
RC4 forced in TLS1.1+     5237      0.8576
x:FF 29 3DES Only         456       0.0747
x:FF 29 3DES Preferred    1567      0.2566
x:FF 29 RC4 Only          130       0.0213
x:FF 29 RC4 Preferred     10974     1.797
x:FF 29 incompatible      562       0.092
x:FF 35 3DES Only         462       0.0757
x:FF 35 3DES Preferred    1456      0.2384
x:FF 35 RC4 Only          136       0.0223
x:FF 35 RC4 Preferred     10985     1.7988
x:FF 35 incompatible      564       0.0924
x:FF 44 3DES Only         2903      0.4754
x:FF 44 3DES Preferred    5464      0.8947
x:FF 44 incompatible      700       0.1146
y:DHE-RSA-SEED-SHA        74413     12.1851
y:IDEA-CBC-SHA            75389     12.3449
y:SEED-SHA                89518     14.6586
z:ADH-AES128-GCM-SHA256   395       0.0647
z:ADH-AES128-SHA          604       0.0989
z:ADH-AES128-SHA256       273       0.0447
z:ADH-AES256-GCM-SHA384   402       0.0658
z:ADH-AES256-SHA          643       0.1053
z:ADH-AES256-SHA256       274       0.0449
z:ADH-CAMELLIA128-SHA     331       0.0542
z:ADH-CAMELLIA256-SHA     356       0.0583
z:ADH-DES-CBC-SHA         212       0.0347
z:ADH-DES-CBC3-SHA        596       0.0976
z:ADH-RC4-MD5             430       0.0704
z:ADH-SEED-SHA            259       0.0424
z:AECDH-AES128-SHA        7698      1.2605
z:AECDH-AES256-SHA        7747      1.2686
z:AECDH-DES-CBC3-SHA      7632      1.2497
z:AECDH-NULL-SHA          53        0.0087
z:AECDH-RC4-SHA           7188      1.177
z:DES-CBC-MD5             4394      0.7195
z:DES-CBC-SHA             26968     4.416
z:DES-CBC3-MD5            12198     1.9974
z:ECDHE-RSA-NULL-SHA      61        0.01
z:EDH-RSA-DES-CBC-SHA     23088     3.7807
z:EXP-ADH-DES-CBC-SHA     132       0.0216
z:EXP-ADH-RC4-MD5         132       0.0216
z:EXP-DES-CBC-SHA         7658      1.254
z:EXP-EDH-RSA-DES-CBC-SHA 6024      0.9864
z:EXP-RC2-CBC-MD5         9133      1.4955
z:EXP-RC4-MD5             9497      1.5551
z:EXP1024-DES-CBC-SHA     2293      0.3755
z:EXP1024-RC4-SHA         2330      0.3815
z:IDEA-CBC-MD5            932       0.1526
z:NULL-MD5                168       0.0275
z:NULL-SHA                169       0.0277
z:NULL-SHA256             59        0.0097
z:RC2-CBC-MD5             4612      0.7552
z:RC4-64-MD5              473       0.0775

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               143631    23.5196
Server side               467056    76.4804

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       789       0.1292
AECDH                     7753      1.2696
DHE                       337704    55.299
ECDH                      2         0.0003
ECDHE                     556139    91.0678
ECDHE and DHE             304849    49.919
RSA                       515115    84.3501

Supported NPN protocols   Count    Percent 
-------------------------+---------+--------
None                      360490    59.0302  
None Only                 360490    59.0302  
h2                        149631    24.5021  
h2 Only                   81        0.0133   
h2-12                     9         0.0015   
h2-14                     1991      0.326    
h2-14 Only                1         0.0002   
h2-16                     42        0.0069   
h2-17                     819       0.1341   
h2-fb                     24        0.0039   
h2c                       827       0.1354   
http                      1         0.0002   
http/1.0                  17414     2.8515   
http/1.1                  250375    40.9989  
http/1.1 Only             76562     12.537   
http/2.0                  1         0.0002   
http1.0                   18        0.0029   
http1.1                   18        0.0029   
https                     1         0.0002   
https Only                1         0.0002   
spdy                      1         0.0002   
spdy/2                    15520     2.5414   
spdy/2 Only               1         0.0002   
spdy/3                    15691     2.5694   
spdy/3.0                  1         0.0002   
spdy/3.1                  102266    16.7461  
spdy/3.1 Only             1         0.0002   
x-mod-spdy/0.9.4.1-0      1         0.0002   
x-mod-spdy/0.9.4.1-146826 5         0.0008   
x-mod-spdy/0.9.4.1-1e75259 2         0.0003   
x-mod-spdy/0.9.4.1-4e5ad45 2         0.0003   
x-mod-spdy/0.9.4.1-51b34c6 1         0.0002   
x-mod-spdy/0.9.4.1-6bd08c0 2         0.0003   
x-mod-spdy/0.9.4.1-df466c5 1         0.0002   
x-mod-spdy/0.9.4.1-f7ff75d 1         0.0002   
x-mod-spdy/0.9.4.2-146826 2         0.0003   
x-mod-spdy/0.9.4.2-3a57358 5         0.0008   
x-mod-spdy/0.9.4.2-413    11        0.0018   
x-mod-spdy/0.9.4.2-414    2         0.0003   
x-mod-spdy/0.9.4.2-465a04f 1         0.0002   
x-mod-spdy/0.9.4.3-146826 499       0.0817   
x-mod-spdy/0.9.4.3-420    197       0.0323   

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               101487    16.6185  30.0521
DH,1338bits               1         0.0002   0.0003
DH,2046bits               1         0.0002   0.0003
DH,2048bits               215960    35.3635  63.9495
DH,2049bits               1         0.0002   0.0003
DH,2236bits               93        0.0152   0.0275
DH,2430bits               1         0.0002   0.0003
DH,2432bits               2         0.0003   0.0006
DH,3072bits               159       0.026    0.0471
DH,3092bits               1         0.0002   0.0003
DH,4094bits               1         0.0002   0.0003
DH,4096bits               19751     3.2342   5.8486
DH,512bits                77        0.0126   0.0228
DH,768bits                244       0.04     0.0723
DH,8192bits               6         0.001    0.0018
ECDH,B-571,570bits        5979      0.9791   1.0751
ECDH,P-192,192bits        85        0.0139   0.0153
ECDH,P-224,224bits        75        0.0123   0.0135
ECDH,P-256,256bits        519681    85.0978  93.4444
ECDH,P-384,384bits        14659     2.4004   2.6359
ECDH,P-521,521bits        17543     2.8727   3.1544
Prefer DH,1024bits        33443     5.4763   9.9031
Prefer DH,2048bits        4672      0.765    1.3835
Prefer DH,3072bits        10        0.0016   0.003
Prefer DH,3092bits        1         0.0002   0.0003
Prefer DH,4096bits        379       0.0621   0.1122
Prefer DH,768bits         20        0.0033   0.0059
Prefer ECDH,B-571,570bits 5756      0.9425   1.035
Prefer ECDH,P-192,192bits 10        0.0016   0.0018
Prefer ECDH,P-224,224bits 72        0.0118   0.0129
Prefer ECDH,P-256,256bits 489758    80.1979  88.064
Prefer ECDH,P-384,384bits 11905     1.9494   2.1407
Prefer ECDH,P-521,521bits 17052     2.7923   3.0661
Prefer PFS                563078    92.204   0
Support PFS               588994    96.4478  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      2         0.0003   
None Only                 2         0.0003   
brainpoolP256r1           44149     7.2294   
brainpoolP384r1           44158     7.2309   
brainpoolP512r1           44160     7.2312   
prime192v1                1502      0.246    
prime256v1                534567    87.5353  
prime256v1 Only           437767    71.6843  
secp160k1                 1372      0.2247   
secp160r1                 1390      0.2276   
secp160r2                 1372      0.2247   
secp192k1                 1383      0.2265   
secp224k1                 1451      0.2376   
secp224r1                 4926      0.8066   
secp256k1                 46308     7.5829   
secp384r1                 105745    17.3157  
secp384r1 Only            7618      1.2474   
secp521r1                 76256     12.4869  
secp521r1 Only            151       0.0247   
sect163k1                 1373      0.2248   
sect163k1 Only            6         0.001    
sect163r1                 1372      0.2247   
sect163r2                 1372      0.2247   
sect193r1                 1372      0.2247   
sect193r2                 1372      0.2247   
sect233k1                 1441      0.236    
sect233r1                 1441      0.236    
sect239k1                 1440      0.2358   
sect283k1                 45380     7.431    
sect283k1 Only            5         0.0008   
sect283r1                 45378     7.4306   
sect409k1                 45379     7.4308   
sect409r1                 45378     7.4306   
sect571k1                 45377     7.4305   
sect571r1                 45380     7.431    
server                    97003     15.8842  
server Only               97003     15.8842  

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          555975    91.0409  
unknown                        54712     8.9591   

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          95411     15.6236  
client                    19913     3.2608   
server                    440818    72.184   
unknown                   54545     8.9317   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     60522     9.9105   
ECDSA-SHA1 Only                5         0.0008   
ECDSA-SHA224                   60458     9.9      
ECDSA-SHA256                   79480     13.0149  
ECDSA-SHA256 Only              1         0.0002   
ECDSA-SHA384                   79452     13.0103  
ECDSA-SHA512                   79457     13.0111  
ECDSA-SHA512 Only              20        0.0033   
RSA-MD5                        17583     2.8792   
RSA-SHA1                       482229    78.965   
RSA-SHA1 Only                  23837     3.9033   
RSA-SHA224                     414484    67.8718  
RSA-SHA256                     466750    76.4303  
RSA-SHA256 Only                7275      1.1913   
RSA-SHA384                     431251    70.6174  
RSA-SHA384 Only                8         0.0013   
RSA-SHA512                     430906    70.5609  
RSA-SHA512 Only                178       0.0291   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         293690    48.0917  
indeterminate                  35        0.0057   
intolerant                     5996      0.9818   
order-fallback                 7         0.0011   
server                         250240    40.9768  
unsupported                    11203     1.8345   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     60438     9.8967   
ECDSA intolerant               208       0.0341   
ECDSA pfs-rsa-SHA512           18898     3.0945   
ECDSA soft-nopfs               4         0.0007   
RSA False                      17433     2.8547   
RSA SHA1                       422579    69.1973  
RSA intolerant                 50923     8.3386   
RSA pfs-ecdsa-SHA512           240       0.0393   
RSA soft-nopfs                 341       0.0558   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     3649      0.5975   
insecure                  13523     2.2144   
secure                    593515    97.1881  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      5024      0.8227   
False                     3649      0.5975   
NONE                      602014    98.5798  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         3         0.0005   
1 only                    3         0.0005   
2                         1         0.0002   
2 only                    1         0.0002   
5                         10        0.0016   
5 only                    10        0.0016   
10                        8         0.0013   
10 only                   8         0.0013   
15                        4         0.0007   
15 only                   4         0.0007   
30                        22        0.0036   
30 only                   22        0.0036   
60                        143       0.0234   
60 only                   135       0.0221   
65                        2         0.0003   
65 only                   2         0.0003   
70                        9         0.0015   
70 only                   7         0.0011   
90                        2         0.0003   
90 only                   2         0.0003   
100                       18        0.0029   
100 only                  18        0.0029   
120                       31        0.0051   
120 only                  31        0.0051   
128                       6         0.001    
128 only                  5         0.0008   
150                       10        0.0016   
150 only                  8         0.0013   
180                       88        0.0144   
180 only                  87        0.0142   
240                       15        0.0025   
240 only                  15        0.0025   
300                       306439    50.1794  
300 only                  304029    49.7848  
302                       2         0.0003   
302 only                  2         0.0003   
360                       3         0.0005   
360 only                  1         0.0002   
400                       8         0.0013   
400 only                  8         0.0013   
420                       112       0.0183   
420 only                  100       0.0164   
450                       1         0.0002   
450 only                  1         0.0002   
480                       14        0.0023   
480 only                  14        0.0023   
500                       4         0.0007   
500 only                  4         0.0007   
540                       4         0.0007   
540 only                  4         0.0007   
600                       33245     5.4439   
600 only                  33127     5.4245   
660                       3         0.0005   
660 only                  3         0.0005   
700                       1         0.0002   
700 only                  1         0.0002   
720                       2         0.0003   
720 only                  2         0.0003   
840                       1         0.0002   
840 only                  1         0.0002   
900                       1808      0.2961   
900 only                  1790      0.2931   
960                       2         0.0003   
960 only                  2         0.0003   
1000                      2         0.0003   
1000 only                 2         0.0003   
1200                      3934      0.6442   
1200 only                 3931      0.6437   
1320                      1         0.0002   
1320 only                 1         0.0002   
1380                      2         0.0003   
1380 only                 2         0.0003   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      9         0.0015   
1500 only                 8         0.0013   
1800                      848       0.1389   
1800 only                 839       0.1374   
1920                      2         0.0003   
1920 only                 2         0.0003   
1980                      1         0.0002   
1980 only                 1         0.0002   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      5         0.0008   
2400 only                 5         0.0008   
2700                      7         0.0011   
2700 only                 7         0.0011   
3000                      50        0.0082   
3000 only                 50        0.0082   
3600                      1409      0.2307   
3600 only                 1398      0.2289   
3840                      5         0.0008   
3840 only                 5         0.0008   
3900                      1         0.0002   
3900 only                 1         0.0002   
4200                      1         0.0002   
4200 only                 1         0.0002   
4500                      1         0.0002   
4500 only                 1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      12        0.002    
5400 only                 12        0.002    
6000                      376       0.0616   
6000 only                 375       0.0614   
7200                      15058     2.4657   
7200 only                 15037     2.4623   
7500                      1         0.0002   
7500 only                 1         0.0002   
8100                      1         0.0002   
8100 only                 1         0.0002   
9000                      3         0.0005   
9000 only                 3         0.0005   
10800                     5736      0.9393   
10800 only                5717      0.9362   
14400                     239       0.0391   
14400 only                238       0.039    
18000                     9         0.0015   
18000 only                9         0.0015   
21600                     4993      0.8176   
21600 only                4993      0.8176   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     1578      0.2584   
28800 only                1578      0.2584   
30000                     3         0.0005   
30000 only                1         0.0002   
36000                     1377      0.2255   
36000 only                1370      0.2243   
43200                     68        0.0111   
43200 only                68        0.0111   
54000                     1         0.0002   
54000 only                1         0.0002   
60000                     1         0.0002   
60000 only                1         0.0002   
61440                     1         0.0002   
61440 only                1         0.0002   
64800                     80220     13.136   
64800 only                80220     13.136   
72000                     17        0.0028   
72000 only                17        0.0028   
79200                     1         0.0002   
79200 only                1         0.0002   
86400                     3946      0.6462   
86400 only                3934      0.6442   
100000                    1         0.0002   
100000 only               1         0.0002   
100800                    10995     1.8004   
100800 only               10980     1.798    
108000                    1         0.0002   
108000 only               1         0.0002   
129600                    6         0.001    
129600 only               6         0.001    
172800                    35        0.0057   
172800 only               35        0.0057   
216000                    3         0.0005   
216000 only               3         0.0005   
259200                    1         0.0002   
259200 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
864000                    4         0.0007   
864000 only               4         0.0007   
7776000                   1         0.0002   
7776000 only              1         0.0002   
None                      140359    22.9838  
None only                 137708    22.5497  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      8258      1.3522   
ecdsa-with-SHA256         77739     12.7298  
sha1WithRSAEncryption     6451      1.0564   
sha256WithRSAEncryption   545357    89.3022  
sha384WithRSAEncryption   11        0.0018   
sha512WithRSAEncryption   100       0.0164   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 79471     13.0134  
ECDSA 384                 81        0.0133   
ECDSA 521                 1         0.0002   
RSA 1024                  6         0.001    
RSA 2048                  516773    84.6216  
RSA 2049                  3         0.0005   
RSA 2050                  1         0.0002   
RSA 2056                  2         0.0003   
RSA 2058                  1         0.0002   
RSA 2059                  1         0.0002   
RSA 2060                  1         0.0002   
RSA 2080                  6         0.001    
RSA 2084                  1         0.0002   
RSA 2086                  1         0.0002   
RSA 2096                  3         0.0005   
RSA 2432                  3         0.0005   
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3072                  208       0.0341   
RSA 3096                  2         0.0003   
RSA 3248                  4         0.0007   
RSA 4048                  1         0.0002   
RSA 4056                  9         0.0015   
RSA 4068                  2         0.0003   
RSA 4069                  1         0.0002   
RSA 4086                  3         0.0005   
RSA 4092                  2         0.0003   
RSA 4094                  1         0.0002   
RSA 4096                  34689     5.6803   
RSA 8192                  13        0.0021   
RSA 8392                  1         0.0002   
RSA/ECDSA Dual Stack      20593     3.3721

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 145301    23.793   
Unsupported               465386    76.207   

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      12320     2.0174
SSL2 Only                 3         0.0005
SSL3                      74942     12.2718
SSL3 Only                 271       0.0444
SSL3 or TLS1 Only         36752     6.0181
SSL3 or lower Only        278       0.0455
TLS1                      595721    97.5493
TLS1 Only                 22118     3.6218
TLS1 or lower Only        48243     7.8998
TLS1.1                    553311    90.6047
TLS1.1 Only               41        0.0067
TLS1.1 or up Only         14551     2.3827
TLS1.2                    561160    91.89
TLS1.2 Only               4881      0.7993
TLS1.2, 1.0 but not 1.1   3903      0.6391

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
ext:EtM                                  10        0.0016
ext:ext #38                              9         0.0015
ext:key share                            14        0.0023
ext:OCSP staple                          17        0.0028
ext:padding                              9         0.0015
ext:SNI                                  113       0.0185
last ext empty                           13        0.0021
more groups                              124       0.0203
more sigalgs                             137       0.0224
secure renego ext                        210       0.0344
secure renego scsv                       240       0.0393
size 65537                               5         0.0008
size 65540                               85        0.0139
size 65541                               194       0.0318
size 65544                               237       0.0388
size 65545                               41        0.0067
size 66741                               39        0.0064
size 131073                              442       0.0724
size 131076                              186       0.0305
size #84 e/76                            27        0.0044
size #84 e/141                           10        0.0016
size #84 e/179                           10        0.0016
size #84 e/909                           40        0.0066
size #84 e/1156                          393       0.0644
size #84 e/1344                          5         0.0008
size #84 e/1356                          352       0.0576
size #84 e/1456                          5         0.0008
size #84 e/1521                          5         0.0008
size #84 e/1977                          5         0.0008
size #84 e/2049                          159       0.026
size #84 e/2053                          70        0.0115
size #84 e/2496                          5         0.0008
size #84 e/4076                          33        0.0054
size #84 e/4092                          1571      0.2573
size #84 e/4103                          10        0.0016
size #84 e/8192                          9         0.0015
size #84 e/10095                         12        0.002
size #84 e/10245                         4562      0.747
size #84 e/10338                         6         0.001
size #84 e/11634                         263       0.0431
size #84 e/11826                         5         0.0008
size #84 e/12288                         58        0.0095
size #84 e/12825                         5         0.0008
size #84 e/13480                         50        0.0082
size #84 e/13596                         7         0.0011
size #84 e/15142                         129       0.0211
size #84 e/15180                         86        0.0141
size #84 e/15360                         5         0.0008
size #84 e/16289                         9         0.0015
size #84 e/16353                         209       0.0342
size #84 e/16380                         36        0.0059
size #84 e/16382                         402       0.0658
size #84 e/16383                         40        0.0066
size #84 e/16384                         95        0.0156
size #84 e/16385                         25598     4.1917
size #84 e/16386                         16        0.0026
size #84 e/16387                         90        0.0147
size #84 e/16388                         150       0.0246
size #84 e/16389                         445047    72.8764
size #84 e/16392                         115204    18.8647
size #84 e/16556                         5         0.0008
size #84 e/16562                         80        0.0131
size #84 e/16612                         20        0.0033
size #84 e/16628                         6         0.001
size #84 e/16645                         137       0.0224
size #84 e/16740                         39        0.0064
size #84 e/16792                         7         0.0011
size #84 e/17145                         32        0.0052
size #84 e/17146                         6         0.001
size #84 e/17148                         7         0.0011
size #84 e/17182                         7         0.0011
size #84 e/17390                         25        0.0041
size #84 e/17468                         40        0.0066
size #84 e/17520                         7893      1.2925
size #84 e/17521                         65        0.0106
size #84 e/17522                         11        0.0018
size #84 e/17523                         65        0.0106
size #84 e/17524                         10        0.0016
size #84 e/17525                         6         0.001
size #84 e/17526                         68        0.0111
size #84 e/17527                         12        0.002
size #84 e/17528                         7         0.0011
size #84 e/17529                         17        0.0028
size #84 e/17530                         8         0.0013
size #84 e/17531                         7         0.0011
size #84 e/17532                         67        0.011
size #84 e/17533                         12        0.002
size #84 e/17535                         15        0.0025
size #84 e/17538                         14        0.0023
size #84 e/17539                         5         0.0008
size #84 e/17540                         7         0.0011
size #84 e/17541                         8         0.0013
size #84 e/17542                         8         0.0013
size #84 e/17544                         58        0.0095
size #84 e/17562                         5         0.0008
size #84 e/17592                         6         0.001
size #84 e/17640                         6         0.001
size #84 e/17676                         168       0.0275
size #84 e/17679                         5         0.0008
size #84 e/17692                         5         0.0008
size #84 e/17706                         16        0.0026
size #84 e/17736                         8         0.0013
size #84 e/17928                         25        0.0041
size #84 e/18312                         5         0.0008
size #84 e/18696                         6         0.001
size #84 e/18868                         7         0.0011
size #84 e/19464                         15        0.0025
size #84 e/20247                         10        0.0016
size #84 e/22536                         13        0.0021
size #84 e/32773                         123       0.0201
size #84 e/49153                         32        0.0052
size #84 e/65536                         258       0.0422
size c#/12                               13        0.0021
size c#/22                               14        0.0023
size c#/42                               5         0.0008
size c#/52                               435       0.0712
size c#/129                              1195      0.1957
size c#/201                              69        0.0113
size c#/257                              414       0.0678
size c#/475                              19        0.0031
size c#/501                              154       0.0252
size c#/612                              216       0.0354
size c#/614                              12        0.002
size c#/653                              133       0.0218
size c#/734                              5         0.0008
size c#/945                              7         0.0011
size c#/964                              5         0.0008
size c#/998                              30        0.0049
size c#/1000                             158       0.0259
size c#/1001                             9         0.0015
size c#/1972                             25        0.0041
size c#/1979                             7         0.0011
size c#/1980                             17        0.0028
size c#/1981                             17        0.0028
size c#/1982                             49        0.008
size c#/1983                             48        0.0079
size c#/1984                             77        0.0126
size c#/1985                             120       0.0197
size c#/1986                             142       0.0233
size c#/1987                             145       0.0237
size c#/1988                             122       0.02
size c#/1989                             62        0.0102
size c#/1990                             31        0.0051
size c#/1991                             7         0.0011
size c#/2013                             7         0.0011
size c#/2021                             724       0.1186
size c#/2027                             8         0.0013
size c#/4017                             6         0.001
size c#/4018                             6         0.001
size c#/4019                             14        0.0023
size c#/4020                             13        0.0021
size c#/4021                             21        0.0034
size c#/4022                             22        0.0036
size c#/4023                             12        0.002
size c#/4024                             9         0.0015
size c#/4035                             89        0.0146
size c#/4053                             6         0.001
size c#/4088                             6         0.001
size c#/5023                             12        0.002
size c#/5056                             7         0.0011
size c#/5075                             101       0.0165
size c#/5098                             4446      0.728
size c#/5103                             6         0.001
size c#/5747                             5         0.0008
size c#/5751                             263       0.0431
size c#/5757                             7         0.0011
size c#/5888                             5         0.0008
size c#/6119                             56        0.0092
size c#/6127                             5         0.0008
size c#/6715                             42        0.0069
size c#/6773                             7         0.0011
size c#/6946                             32        0.0052
size c#/6958                             9         0.0015
size c#/7086                             17        0.0028
size c#/7087                             51        0.0084
size c#/7088                             89        0.0146
size c#/7089                             176       0.0288
size c#/7090                             255       0.0418
size c#/7091                             395       0.0647
size c#/7092                             534       0.0874
size c#/7093                             630       0.1032
size c#/7094                             633       0.1037
size c#/7095                             515       0.0843
size c#/7096                             270       0.0442
size c#/7097                             107       0.0175
size c#/7098                             8         0.0013
size c#/7103                             8         0.0013
size c#/7104                             31        0.0051
size c#/7105                             2151      0.3522
size c#/7106                             115       0.0188
size c#/7107                             108540    17.7734
size c#/7235                             10        0.0016
size c#/8107                             6         0.001
size c#/8108                             10        0.0016
size c#/8109                             20        0.0033
size c#/8110                             63        0.0103
size c#/8111                             27        0.0044
size c#/8112                             34        0.0056
size c#/8113                             31        0.0051
size c#/8114                             38        0.0062
size c#/8115                             35        0.0057
size c#/8116                             23        0.0038
size c#/8117                             26        0.0043
size c#/8118                             23        0.0038
size c#/8119                             11        0.0018
size c#/8120                             28        0.0046
size c#/8121                             26        0.0043
size c#/8122                             16        0.0026
size c#/8123                             13        0.0021
size c#/8124                             18        0.0029
size c#/8125                             34        0.0056
size c#/8126                             8075      1.3223
size c#/8127                             113       0.0185
size c#/8128                             338       0.0553
size c#/8129                             514       0.0842
size c#/8130                             1094      0.1791
size c#/8131                             1912      0.3131
size c#/8132                             3313      0.5425
size c#/8133                             5366      0.8787
size c#/8134                             7932      1.2989
size c#/8135                             11289     1.8486
size c#/8136                             13035     2.1345
size c#/8137                             12120     1.9847
size c#/8138                             15148     2.4805
size c#/8139                             2197      0.3598
size c#/8140                             383       0.0627
size c#/8141                             17        0.0028
size c#/8142                             18        0.0029
size c#/8143                             16        0.0026
size c#/8144                             17        0.0028
size c#/8145                             5962      0.9763
size c#/8146                             28        0.0046
size c#/8147                             20146     3.2989
size c#/8152                             146       0.0239
size c#/8165                             35        0.0057
size c#/8166                             900       0.1474
size c#/8167                             69        0.0113
size c#/8168                             10433     1.7084
size c#/8169                             68        0.0111
size c#/8170                             360006    58.951
size c#/8171                             43        0.007
size c#/8172                             80        0.0131
size c#/8173                             35        0.0057
size c#/8259                             16        0.0026
size c#/8298                             112       0.0183
size c#/10755                            24        0.0039
size c#/15299                            13        0.0021
size c#/16362                            121       0.0198
size c#/24552                            32        0.0052
size c/74                                7         0.0011
size c/177                               11        0.0018
size c/199                               430       0.0704
size c/308                               1075      0.176
size c/312                               114       0.0187
size c/391                               5         0.0008
size c/452                               66        0.0108
size c/564                               327       0.0535
size c/568                               12        0.002
size c/667                               6         0.001
size c/670                               7         0.0011
size c/673                               7         0.0011
size c/674                               5         0.0008
size c/676                               5         0.0008
size c/1000                              21        0.0034
size c/1052                              97        0.0159
size c/1097                              8         0.0013
size c/1135                              47        0.0077
size c/1344                              6         0.001
size c/1356                              363       0.0594
size c/1456                              5         0.0008
size c/1521                              5         0.0008
size c/1977                              5         0.0008
size c/2049                              188       0.0308
size c/2052                              9         0.0015
size c/4076                              31        0.0051
size c/4092                              1589      0.2602
size c/4103                              10        0.0016
size c/8156                              6         0.001
size c/8192                              9         0.0015
size c/8226                              5         0.0008
size c/10095                             12        0.002
size c/10245                             4750      0.7778
size c/10338                             6         0.001
size c/11634                             263       0.0431
size c/11826                             5         0.0008
size c/12288                             61        0.01
size c/12304                             5         0.0008
size c/12825                             5         0.0008
size c/13476                             5         0.0008
size c/13480                             38        0.0062
size c/13596                             7         0.0011
size c/15360                             5         0.0008
size c/16067                             32        0.0052
size c/16091                             9         0.0015
size c/16289                             8         0.0013
size c/16353                             234       0.0383
size c/16380                             31        0.0051
size c/16382                             51        0.0084
size c/16383                             78        0.0128
size c/16384                             118       0.0193
size c/16385                             28774     4.7117
size c/16386                             1402      0.2296
size c/16387                             131       0.0215
size c/16388                             141       0.0231
size c/16389                             556872    91.1878
size c/16392                             33        0.0054
size c/16396                             6         0.001
size c/16397                             8         0.0013
size c/16400                             56        0.0092
size c/16401                             50        0.0082
size c/16404                             7         0.0011
size c/16406                             5         0.0008
size c/16408                             7850      1.2854
size c/16645                             138       0.0226
size c/18502                             6         0.001
size c/21559                             23        0.0038
size c/32769                             5         0.0008
size c/32773                             136       0.0223
size c/49153                             33        0.0054
size e#/2                                41        0.0067
size e#/6                                17        0.0028
size e#/8                                15        0.0025
size e#/9                                18        0.0029
size e#/12                               40        0.0066
size e#/16                               70        0.0115
size e#/18                               10        0.0016
size e#/20                               374       0.0612
size e#/32                               74        0.0121
size e#/33                               16        0.0026
size e#/38                               403       0.066
size e#/39                               11        0.0018
size e#/43                               8         0.0013
size e#/45                               6         0.001
size e#/52                               35        0.0057
size e#/64                               5         0.0008
size e#/70                               28        0.0046
size e#/134                              9         0.0015
size e#/256                              9         0.0015
size e#/303                              226       0.037
size e#/322                              9         0.0015
size e#/337                              5         0.0008
size e#/338                              8         0.0013
size e#/478                              6         0.001
size e#/491                              13        0.0021
size e#/494                              9         0.0015
size e#/497                              66        0.0108
size e#/512                              8         0.0013
size e#/662                              5         0.0008
size e#/983                              25        0.0041
size e#/985                              10        0.0016
size e#/986                              34        0.0056
size e#/987                              98        0.016
size e#/988                              196       0.0321
size e#/989                              287       0.047
size e#/990                              185       0.0303
size e#/991                              39        0.0064
size e#/994                              6         0.001
size e#/1002                             7         0.0011
size e#/1006                             724       0.1186
size e#/1009                             8         0.0013
size e#/1023                             13        0.0021
size e#/1874                             7         0.0011
size e#/1875                             20        0.0033
size e#/1876                             34        0.0056
size e#/1877                             34        0.0056
size e#/1878                             10        0.0016
size e#/1881                             89        0.0146
size e#/1976                             6         0.001
size e#/2014                             10        0.0016
size e#/2022                             8         0.0013
size e#/2031                             5         0.0008
size e#/2046                             54        0.0088
size e#/2050                             9         0.0015
size e#/2532                             100       0.0164
size e#/2545                             4452      0.729
size e#/2557                             5         0.0008
size e#/2868                             6         0.001
size e#/2871                             6         0.001
size e#/2872                             262       0.0429
size e#/3069                             37        0.0061
size e#/3070                             11        0.0018
size e#/3071                             7         0.0011
size e#/3324                             6         0.001
size e#/3337                             32        0.0052
size e#/3343                             9         0.0015
size e#/3352                             6         0.001
size e#/3353                             44        0.0072
size e#/3382                             6         0.001
size e#/3407                             6         0.001
size e#/3408                             30        0.0049
size e#/3409                             70        0.0115
size e#/3410                             246       0.0403
size e#/3411                             647       0.1059
size e#/3412                             1163      0.1904
size e#/3413                             1118      0.1831
size e#/3414                             356       0.0583
size e#/3415                             11        0.0018
size e#/3416                             1803      0.2952
size e#/3417                             108813    17.8181
size e#/3547                             5         0.0008
size e#/3580                             45        0.0074
size e#/3581                             32        0.0052
size e#/3772                             8         0.0013
size e#/3836                             39        0.0064
size e#/3837                             5         0.0008
size e#/3964                             33        0.0054
size e#/3965                             5         0.0008
size e#/4026                             5         0.0008
size e#/4028                             52        0.0085
size e#/4044                             6         0.001
size e#/4052                             53        0.0087
size e#/4054                             6         0.001
size e#/4055                             9         0.0015
size e#/4056                             17        0.0028
size e#/4057                             21        0.0034
size e#/4058                             83        0.0136
size e#/4059                             201       0.0329
size e#/4060                             16430     2.6904
size e#/4061                             3039      0.4976
size e#/4062                             8659      1.4179
size e#/4063                             19312     3.1623
size e#/4064                             25279     4.1394
size e#/4065                             9497      1.5551
size e#/4066                             381       0.0624
size e#/4067                             5938      0.9723
size e#/4068                             20153     3.3001
size e#/4072                             150       0.0246
size e#/4074                             5         0.0008
size e#/4075                             818       0.1339
size e#/4076                             78        0.0128
size e#/4077                             10        0.0016
size e#/4078                             29        0.0047
size e#/4079                             13        0.0021
size e#/4080                             9469      1.5505
size e#/4081                             350954    57.4687
size e#/4145                             8         0.0013
size e#/7513                             12        0.002
size e#/8177                             99        0.0162
size e#/12272                            23        0.0038
size e#/16367                            22        0.0036
size e/76                                22        0.0036
size e/141                               6         0.001
size e/179                               11        0.0018
size e/204                               42        0.0069
size e/256                               230       0.0377
size e/384                               30        0.0049
size e/511                               230       0.0377
size e/554                               6         0.001
size e/640                               222       0.0364
size e/1344                              5         0.0008
size e/1356                              373       0.0611
size e/1456                              6         0.001
size e/1521                              5         0.0008
size e/1977                              5         0.0008
size e/2047                              391       0.064
size e/2049                              189       0.0309
size e/2053                              69        0.0113
size e/2496                              6         0.001
size e/2783                              9         0.0015
size e/4076                              32        0.0052
size e/4092                              1586      0.2597
size e/4103                              11        0.0018
size e/8192                              9         0.0015
size e/10095                             12        0.002
size e/10245                             4757      0.779
size e/10338                             6         0.001
size e/11634                             263       0.0431
size e/11826                             5         0.0008
size e/12288                             62        0.0102
size e/12825                             5         0.0008
size e/13476                             7         0.0011
size e/13480                             45        0.0074
size e/13596                             7         0.0011
size e/15142                             129       0.0211
size e/15180                             88        0.0144
size e/15360                             5         0.0008
size e/16067                             32        0.0052
size e/16091                             9         0.0015
size e/16289                             9         0.0015
size e/16353                             238       0.039
size e/16380                             38        0.0062
size e/16382                             46        0.0075
size e/16383                             43        0.007
size e/16384                             117       0.0192
size e/16385                             28692     4.6983
size e/16386                             78        0.0128
size e/16387                             97        0.0159
size e/16388                             288       0.0472
size e/16389                             557120    91.2284
size e/16392                             22        0.0036
size e/16480                             5         0.0008
size e/16556                             6         0.001
size e/16562                             81        0.0133
size e/16612                             24        0.0039
size e/16628                             8         0.0013
size e/16645                             148       0.0242
size e/16740                             40        0.0066
size e/16792                             7         0.0011
size e/17145                             33        0.0054
size e/17148                             5         0.0008
size e/17182                             7         0.0011
size e/17390                             28        0.0046
size e/17468                             38        0.0062
size e/17520                             7898      1.2933
size e/17521                             68        0.0111
size e/17522                             8         0.0013
size e/17523                             67        0.011
size e/17524                             11        0.0018
size e/17525                             6         0.001
size e/17526                             68        0.0111
size e/17527                             12        0.002
size e/17528                             5         0.0008
size e/17529                             15        0.0025
size e/17530                             5         0.0008
size e/17531                             5         0.0008
size e/17532                             65        0.0106
size e/17533                             14        0.0023
size e/17534                             5         0.0008
size e/17535                             15        0.0025
size e/17537                             5         0.0008
size e/17538                             7         0.0011
size e/17539                             6         0.001
size e/17541                             10        0.0016
size e/17544                             55        0.009
size e/17547                             5         0.0008
size e/17556                             9         0.0015
size e/17643                             5         0.0008
size e/17676                             171       0.028
size e/17688                             5         0.0008
size e/17691                             5         0.0008
size e/17692                             5         0.0008
size e/17706                             9         0.0015
size e/17736                             10        0.0016
size e/17928                             26        0.0043
size e/18502                             7         0.0011
size e/18696                             5         0.0008
size e/18868                             5         0.0008
size e/19464                             17        0.0028
size e/20247                             8         0.0013
size e/21559                             5         0.0008
size e/22536                             10        0.0016
size e/28679                             5         0.0008
size e/32769                             5         0.0008
size e/32773                             136       0.0223
size e/49153                             33        0.0054
SSL 3.254                                11088     1.8157
SSL 4.0                                  14397     2.3575
SSL 4.3                                  13885     2.2737
SSL 255.255                              13944     2.2833
TLS 1.0                                  13827     2.2642
TLS 1.1                                  4304      0.7048
TLS 1.2                                  21        0.0034
TLS 1.3                                  6258      1.0247
TLS 1.4                                  6542      1.0713

Implementation families                               Count       Percent
-----------------------------------------------------+-----------+-------
65540                                              77        0.0126
65541                                              194       0.0318
65544                                              234       0.0383
65545                                              41        0.0067
131076                                             162       0.0265
c/308 c#/129 TLS_1.3+                              1072      0.1755
c/312 c#/129 TLS_1.3+                              50        0.0082
c/391 c#/129                                       5         0.0008
c/564 c#/257 TLS_1.3+                              30        0.0049
c/568 c#/257 TLS_1.3+                              12        0.002
c/1000 c#/475 TLS_1.3+                             19        0.0031
c/1052 c#/501 TLS_1.3+                             9         0.0015
e#/38 131073                                       17        0.0028
e#/38 SSL_3.254 SSL_255.255 131073                 23        0.0038
e#/38 SSL_4.0 131073                               317       0.0519
e#/38 SSL_4.0 SSL_3.254 SSL_255.255 131073         21        0.0034
e#/38 SSL_4.0+ SSL_3.254 131073                    6         0.001
e#/39 SSL_4.0 131073                               9         0.0015
e#/43 SSL_4.0 131073                               8         0.0013
e#/52 SSL_4.0 131073                               28        0.0046
e/76 e/640 e#/2 c/16383 #84_e/76                   6         0.001
e/204 e#/12 c/199 c#/52 #84_e/909                  25        0.0041
e/204 e#/20 c/199 c#/52 #84_e/909                  9         0.0015
e/511 e/256 e/10095 c/10095 #84_e/10095            12        0.002
e/511 e/256 e/10338 c/10338 #84_e/10338            6         0.001
e/511 e/256 e/11826 c/11826 #84_e/11826            5         0.0008
e/640 e/179 e#/9 c/177 c#/22 #84_e/179             7         0.0011
e/640 e/16389 e#/4081 c/16389 #84_e/16389          8         0.0013
e/1356 c/1356 c#/614 SSL_4.0+ #84_e/1356           5         0.0008
e/1356 c/1356 c#/653 SSL_4.0+ #84_e/1356           98        0.016
e/1356 c/1356 c#/653 TLS_1.3+ #84_e/1356           22        0.0036
e/1356 e#/303 c/1356 c#/612 #84_e/1356             189       0.0309
e/1521 c/1521 c#/734 TLS_1.4 TLS_1.3 TLS_1.2 SSL_3.254 #84_e/1521 5         0.0008
e/2047 e#/12 c/199 c#/52 #84_e/1156                12        0.002
e/2047 e#/20 c/199 c#/52 #84_e/1156                358       0.0586
e/2047 e#/33 c/199 c#/52 #84_e/1156                10        0.0016
e/2049 c/2049 c#/998 TLS_1.3+ #84_e/16382          17        0.0028
e/2049 c/2049 c#/1000 TLS_1.3+ #84_e/2049          154       0.0252
e/2049 e#/491 c/2049 c#/998 TLS_1.3+ #84_e/16382   13        0.0021
e/2053 e#/497 c/452 c#/201 SSL_4.0+ #84_e/2053     66        0.0108
e/4076 e#/983 c/4076 c#/1972 #84_e/4076            24        0.0039
e/4076 e#/1002 c/4076 c#/2013 #84_e/4076           5         0.0008
e/4092 e#/338 c/4092 c#/945 #84_e/16382            6         0.001
e/4092 e#/985 c/4092 c#/1979 #84_e/4092            7         0.0011
e/4092 e#/986 c/4092 c#/1980 #84_e/4092            17        0.0028
e/4092 e#/986 c/4092 c#/1981 #84_e/4092            17        0.0028
e/4092 e#/987 c/4092 c#/1982 #84_e/4092            48        0.0079
e/4092 e#/987 c/4092 c#/1983 #84_e/4092            48        0.0079
e/4092 e#/988 c/4092 c#/1984 #84_e/4092            76        0.0124
e/4092 e#/988 c/4092 c#/1985 #84_e/4092            119       0.0195
e/4092 e#/989 c/4092 c#/1986 #84_e/4092            142       0.0233
e/4092 e#/989 c/4092 c#/1987 #84_e/4092            144       0.0236
e/4092 e#/990 c/4092 c#/1988 #84_e/4092            120       0.0197
e/4092 e#/990 c/4092 c#/1989 #84_e/4092            62        0.0102
e/4092 e#/991 c/4092 c#/1990 #84_e/4092            31        0.0051
e/4092 e#/991 c/4092 c#/1991 #84_e/4092            6         0.001
e/4092 e#/1006 c/4092 c#/2021 #84_e/4092           718       0.1176
e/4103 e#/1009 c/4103 c#/2027 #84_e/4103           8         0.0013
e/10245 e#/1874 c/10245 c#/4017 SSL_3.254 #84_e/16382 6         0.001
e/10245 e#/1875 c/10245 c#/4018 SSL_3.254 #84_e/16382 6         0.001
e/10245 e#/1875 c/10245 c#/4019 SSL_3.254 #84_e/16382 11        0.0018
e/10245 e#/1876 c/10245 c#/4020 SSL_3.254 #84_e/16382 12        0.002
e/10245 e#/1876 c/10245 c#/4021 SSL_3.254 #84_e/16382 19        0.0031
e/10245 e#/1877 c/10245 c#/4022 SSL_3.254 #84_e/16382 19        0.0031
e/10245 e#/1877 c/10245 c#/4023 SSL_3.254 #84_e/16382 12        0.002
e/10245 e#/1878 c/10245 c#/4024 SSL_3.254 #84_e/16382 8         0.0013
e/10245 e#/1881 c/10245 c#/4035 #84_e/16382        89        0.0146
e/10245 e#/2532 c/10245 #84_e/10245                100       0.0164
e/10245 e#/2545 c/564 c#/257 SSL_3.254 #84_e/10245 6         0.001
e/10245 e#/2545 c/10245 #84_e/10245                521       0.0853
e/10245 e#/2545 c/10245 SSL_3.254 #84_e/10245      3921      0.6421
e/11634 e#/2872 c/11634 #84_e/11634                262       0.0429
e/13480 e#/3353 c/13480 #84_e/13480                17        0.0028
e/15142 e#/4067 c/16385 #84_e/15142                13        0.0021
e/15142 e#/4068 c/16389 #84_e/15142                115       0.0188
e/15180 e#/4060 c/16385 #84_e/15180                47        0.0077
e/15180 e#/4060 c/16408 #84_e/15180                37        0.0061
e/16067 e#/3337 c/16067 #84_e/16382                32        0.0052
e/16091 e#/3343 c/16091 #84_e/16382                9         0.0015
e/16289 c/16289 SSL_4.0+ #84_e/16289               8         0.0013
e/16353 e#/3408 c/16353 #84_e/16382                24        0.0039
e/16353 e#/4052 c/16353 #84_e/16353                46        0.0075
e/16353 e#/4054 c/16353 #84_e/16353                6         0.001
e/16353 e#/4055 c/16353 #84_e/16353                5         0.0008
e/16353 e#/4072 c/16353 #84_e/16353                120       0.0197
e/16353 e#/4072 c/16353 SSL_4.0+ SSL_3.254 #84_e/16353 5         0.0008
e/16353 e#/4072 c/16353 TLS_1.3+ #84_e/16353       9         0.0015
e/16380 e#/494 c/2052 c#/1001 #84_e/16380          9         0.0015
e/16380 e#/4078 c/16380 #84_e/16380                27        0.0044
e/16382 e#/4081 c/16389 #84_e/16389                12        0.002
e/16384 e#/4060 c/16384 #84_e/16384                43        0.007
e/16384 e#/4067 c/16384 #84_e/16384                10        0.0016
e/16384 e#/4079 c/16384 #84_e/16384                5         0.0008
e/16385 c/16385 #84_e/16385                        333       0.0545
e/16385 c/16385 #84_e/16392                        5         0.0008
e/16385 c/16385 SSL_4.0+ #84_e/16385               174       0.0285
e/16385 c/16385 SSL_4.0+ #84_e/16392               97        0.0159
e/16385 c/16385 TLS_1.3+ #84_e/16385               569       0.0932
e/16385 c/16385 TLS_1.3+ #84_e/16392               136       0.0223
e/16385 c/16385 TLS_1.3+ TLS_1.2 #84_e/16385       6         0.001
e/16385 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 183       0.03
e/16385 e#/3409 c/16385 TLS_1.3+ #84_e/16392       5         0.0008
e/16385 e#/3410 c/16385 #84_e/16392                11        0.0018
e/16385 e#/3410 c/16385 TLS_1.3+ #84_e/16392       13        0.0021
e/16385 e#/3411 c/16385 #84_e/16392                9         0.0015
e/16385 e#/3411 c/16385 #84_e/65536                5         0.0008
e/16385 e#/3411 c/16385 TLS_1.3+ #84_e/16392       14        0.0023
e/16385 e#/3412 c/16385 #84_e/16392                11        0.0018
e/16385 e#/3412 c/16385 TLS_1.3+ #84_e/16392       21        0.0034
e/16385 e#/3413 c/16385 #84_e/16392                5         0.0008
e/16385 e#/3413 c/16385 TLS_1.3+ #84_e/16392       15        0.0025
e/16385 e#/3416 c/16385 #84_e/16392                324       0.0531
e/16385 e#/3416 c/16385 #84_e/65536                207       0.0339
e/16385 e#/3416 c/16385 SSL_4.0+ #84_e/16392       1053      0.1724
e/16385 e#/3416 c/16386 SSL_4.0+ #84_e/16392       56        0.0092
e/16385 e#/3416 c/16387 SSL_4.0+ #84_e/16392       44        0.0072
e/16385 e#/3416 c/16389 SSL_4.0+ #84_e/16392       8         0.0013
e/16385 e#/3417 c/16385 SSL_4.0+ #84_e/16392       246       0.0403
e/16385 e#/3417 c/16386 SSL_4.0+ #84_e/16392       22        0.0036
e/16385 e#/3417 c/16387 SSL_4.0+ #84_e/16392       25        0.0041
e/16385 e#/3417 c/16389 SSL_4.0+ #84_e/16392       5         0.0008
e/16385 e#/4057 c/16385 #84_e/16385                8         0.0013
e/16385 e#/4058 c/16385 #84_e/16385                30        0.0049
e/16385 e#/4059 c/16385 #84_e/16385                50        0.0082
e/16385 e#/4060 c/1135 c#/501 #84_e/16385          8         0.0013
e/16385 e#/4060 c/16385 #84_e/16385                7757      1.2702
e/16385 e#/4060 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 12        0.002
e/16385 e#/4061 c/16385 #84_e/16385                279       0.0457
e/16385 e#/4061 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 5         0.0008
e/16385 e#/4062 c/16385 #84_e/16385                599       0.0981
e/16385 e#/4063 c/16385 #84_e/16385                718       0.1176
e/16385 e#/4063 c/16385 SSL_4.0 #84_e/16385        5         0.0008
e/16385 e#/4064 c/16385 #84_e/16385                315       0.0516
e/16385 e#/4065 c/16385 #84_e/16385                28        0.0046
e/16385 e#/4067 c/16385 #84_e/16385                5893      0.965
e/16385 e#/4075 c/16385 #84_e/16385                20        0.0033
e/16385 e#/4075 c/16385 TLS_1.3+ #84_e/16392       718       0.1176
e/16385 e#/4080 c/564 c#/257 #84_e/16385           41        0.0067
e/16385 e#/4080 c/1052 c#/501 #84_e/16385          5         0.0008
e/16385 e#/4080 c/16385 #84_e/16385                4859      0.7957
e/16385 e#/4080 c/16385 SSL_4.0+ #84_e/16385       496       0.0812
e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385       2921      0.4783
e/16385 e#/4080 c/16385 TLS_1.4 SSL_4.0+ SSL_3.254 #84_e/16385 70        0.0115
e/16385 e#/4081 c/16385 SSL_4.0+ #84_e/16385       16        0.0026
e/16385 e#/4081 c/16389 #84_e/16385                20        0.0033
e/16386 e#/3416 c/16385 SSL_4.0+ #84_e/16392       23        0.0038
e/16386 e#/3417 c/16385 SSL_4.0+ #84_e/16392       23        0.0038
e/16387 e#/4068 c/16385 #84_e/16387                6         0.001
e/16387 e#/4068 c/16389 #84_e/16389                9         0.0015
e/16387 e#/4081 c/16389 #84_e/16389                13        0.0021
e/16388 e#/3416 c/16385 SSL_4.0+ #84_e/16392       43        0.007
e/16388 e#/3417 c/16385 SSL_4.0+ #84_e/16392       24        0.0039
e/16388 e#/3417 c/16388 #84_e/16392                9         0.0015
e/16388 e#/4068 c/16388 #84_e/16388                7         0.0011
e/16388 e#/4068 c/16389 #84_e/16387                8         0.0013
e/16388 e#/4068 c/16389 #84_e/16388                6         0.001
e/16388 e#/4068 c/16389 #84_e/16389                14        0.0023
e/16388 e#/4081 c/16389 #84_e/16388                20        0.0033
e/16388 e#/4081 c/16389 #84_e/16389                11        0.0018
e/16389 c/564 c#/257 SSL_4.0+ #84_e/16389          13        0.0021
e/16389 c/16389 #84_e/16389                        6374      1.0437
e/16389 c/16389 #84_e/16392                        37        0.0061
e/16389 c/16389 SSL_4.0+ #84_e/16389               2324      0.3806
e/16389 c/16389 SSL_4.0+ #84_e/16392               25        0.0041
e/16389 c/16389 TLS_1.3+ #84_e/16389               127       0.0208
e/16389 c/16389 TLS_1.3+ #84_e/16392               39        0.0064
e/16389 e#/2 c/16389 #84_e/16389                   17        0.0028
e/16389 e#/8 c/16389 #84_e/16389                   11        0.0018
e/16389 e#/16 c/16389 #84_e/16389                  43        0.007
e/16389 e#/16 c/16389 #84_e/16392                  11        0.0018
e/16389 e#/18 c/16389 #84_e/16392                  7         0.0011
e/16389 e#/32 c/16389 #84_e/16389                  71        0.0116
e/16389 e#/38 c/16389 #84_e/16389                  6         0.001
e/16389 e#/70 c/16389 #84_e/16389                  28        0.0046
e/16389 e#/134 c/16389 #84_e/16389                 9         0.0015
e/16389 e#/1023 c/16389 #84_e/16389                6         0.001
e/16389 e#/2046 c/16389 #84_e/16389                40        0.0066
e/16389 e#/3069 c/16389 #84_e/16389                20        0.0033
e/16389 e#/3070 c/16389 #84_e/16389                6         0.001
e/16389 e#/3407 c/16389 #84_e/16392                5         0.0008
e/16389 e#/3409 c/16389 #84_e/16392                61        0.01
e/16389 e#/3410 c/16389 #84_e/16392                220       0.036
e/16389 e#/3411 c/16389 #84_e/16392                619       0.1014
e/16389 e#/3412 c/16389 #84_e/16392                1124      0.1841
e/16389 e#/3413 c/16389 #84_e/16392                1097      0.1796
e/16389 e#/3414 c/16389 #84_e/16392                355       0.0581
e/16389 e#/3415 c/16389 #84_e/16392                8         0.0013
e/16389 e#/3416 c/16389 #84_e/16392                10        0.0016
e/16389 e#/3417 c/16382 #84_e/16392                5         0.0008
e/16389 e#/3417 c/16383 #84_e/16392                13        0.0021
e/16389 e#/3417 c/16389 #84_e/16392                108247    17.7254
e/16389 e#/3417 c/16389 SSL_4.0+ #84_e/16392       31        0.0051
e/16389 e#/3580 c/16389 #84_e/16389                30        0.0049
e/16389 e#/3836 c/16389 #84_e/16389                26        0.0043
e/16389 e#/3964 c/16389 #84_e/16389                27        0.0044
e/16389 e#/4028 c/16389 #84_e/16389                31        0.0051
e/16389 e#/4056 c/16389 #84_e/16389                8         0.0013
e/16389 e#/4057 c/16389 #84_e/16389                10        0.0016
e/16389 e#/4058 c/16389 #84_e/16389                40        0.0066
e/16389 e#/4059 c/16389 #84_e/16389                134       0.0219
e/16389 e#/4060 c/16389 #84_e/16389                630       0.1032
e/16389 e#/4061 c/674 c#/257 #84_e/16389           5         0.0008
e/16389 e#/4061 c/16389 #84_e/16389                2666      0.4366
e/16389 e#/4062 c/670 c#/257 #84_e/16389           6         0.001
e/16389 e#/4062 c/16389 #84_e/16389                7909      1.2951
e/16389 e#/4063 c/667 c#/257 #84_e/16389           6         0.001
e/16389 e#/4063 c/16389 #84_e/16389                18423     3.0168
e/16389 e#/4064 c/16389 #84_e/16389                24854     4.0698
e/16389 e#/4065 c/16389 #84_e/16389                9460      1.5491
e/16389 e#/4066 c/16389 #84_e/16389                378       0.0619
e/16389 e#/4068 c/1097 c#/501 #84_e/16389          8         0.0013
e/16389 e#/4068 c/16387 #84_e/16389                7         0.0011
e/16389 e#/4068 c/16388 #84_e/16389                12        0.002
e/16389 e#/4068 c/16389 #84_e/16387                5         0.0008
e/16389 e#/4068 c/16389 #84_e/16388                10        0.0016
e/16389 e#/4068 c/16389 #84_e/16389                19853     3.2509
e/16389 e#/4068 c/16389 #84_e/16392                5         0.0008
e/16389 e#/4076 c/16389 #84_e/16389                47        0.0077
e/16389 e#/4076 c/16389 #84_e/16392                19        0.0031
e/16389 e#/4077 c/16389 #84_e/16389                6         0.001
e/16389 e#/4080 c/16386 #84_e/16389                17        0.0028
e/16389 e#/4080 c/16386 TLS_1.3+ #84_e/16389       27        0.0044
e/16389 e#/4080 c/16389 #84_e/16389                47        0.0077
e/16389 e#/4081 c/564 c#/257 #84_e/16389           201       0.0329
e/16389 e#/4081 c/1052 c#/501 #84_e/16389          60        0.0098
e/16389 e#/4081 c/16382 #84_e/16389                21        0.0034
e/16389 e#/4081 c/16382 SSL_4.0+ #84_e/16389       5         0.0008
e/16389 e#/4081 c/16386 #84_e/16389                18        0.0029
e/16389 e#/4081 c/16388 #84_e/16389                19        0.0031
e/16389 e#/4081 c/16389 #84_e/16382                8         0.0013
e/16389 e#/4081 c/16389 #84_e/16387                14        0.0023
e/16389 e#/4081 c/16389 #84_e/16388                18        0.0029
e/16389 e#/4081 c/16389 #84_e/16389                348418    57.0534
e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389       1814      0.297
e/16389 e#/4081 c/16389 TLS_1.3+ #84_e/16389       33        0.0054
e/16392 e#/16367 c/16392 #84_e/16392               16        0.0026
e/16556 e#/4080 c/16386 #84_e/16556                5         0.0008
e/16562 e#/4060 c/16408 #84_e/16562                56        0.0092
e/16562 e#/4080 c/16386 #84_e/16562                17        0.0028
e/16612 e#/3581 c/16408 #84_e/16612                16        0.0026
e/16645 c/564 c#/257 #84_e/16645                   9         0.0015
e/16645 c/16645 #84_e/16645                        98        0.016
e/16645 c/16645 #84_e/65536                        9         0.0015
e/16645 c/16645 SSL_4.0+ #84_e/16645               20        0.0033
e/16645 e#/4145 c/16645 #84_e/16645                8         0.0013
e/16740 e#/4060 c/16408 #84_e/16740                31        0.0051
e/16792 e#/4060 c/16408 #84_e/16792                5         0.0008
e/17145 e#/4060 c/16408 #84_e/17145                22        0.0036
e/17390 e#/4060 c/16408 #84_e/17390                16        0.0026
e/17390 e#/4080 c/16386 #84_e/17390                7         0.0011
e/17468 e#/4060 c/16408 #84_e/17468                23        0.0038
e/17468 e#/4080 c/16386 #84_e/17468                15        0.0025
e/17520 e#/4060 c/1135 c#/501 #84_e/17520          15        0.0025
e/17520 e#/4060 c/16385 #84_e/17520                6         0.001
e/17520 e#/4060 c/16392 #84_e/17520                9         0.0015
e/17520 e#/4060 c/16408 #84_e/17520                6314      1.0339
e/17520 e#/4060 c/16408 #84_e/17521                29        0.0047
e/17520 e#/4060 c/16408 #84_e/17523                36        0.0059
e/17520 e#/4060 c/16408 #84_e/17524                6         0.001
e/17520 e#/4060 c/16408 #84_e/17526                38        0.0062
e/17520 e#/4060 c/16408 #84_e/17532                38        0.0062
e/17520 e#/4060 c/16408 #84_e/17535                6         0.001
e/17520 e#/4060 c/16408 #84_e/17538                6         0.001
e/17520 e#/4060 c/16408 #84_e/17544                36        0.0059
e/17520 e#/4060 c/16408 #84_e/17928                12        0.002
e/17520 e#/4060 c/16408 #84_e/19464                6         0.001
e/17520 e#/4060 c/16408 #84_e/22536                5         0.0008
e/17520 e#/4061 c/16385 #84_e/17520                19        0.0031
e/17520 e#/4061 c/16386 #84_e/17520                11        0.0018
e/17520 e#/4061 c/16400 #84_e/17520                8         0.0013
e/17520 e#/4061 c/16401 #84_e/17520                6         0.001
e/17520 e#/4062 c/16385 #84_e/17520                43        0.007
e/17520 e#/4062 c/16386 #84_e/17520                35        0.0057
e/17520 e#/4062 c/16400 #84_e/17520                17        0.0028
e/17520 e#/4062 c/16401 #84_e/17520                11        0.0018
e/17520 e#/4063 c/16385 #84_e/17520                42        0.0069
e/17520 e#/4063 c/16386 #84_e/17520                57        0.0093
e/17520 e#/4063 c/16400 #84_e/17520                17        0.0028
e/17520 e#/4063 c/16401 #84_e/17520                11        0.0018
e/17520 e#/4064 c/16385 #84_e/17520                23        0.0038
e/17520 e#/4064 c/16386 #84_e/17520                48        0.0079
e/17520 e#/4064 c/16401 #84_e/17520                14        0.0023
e/17520 e#/4075 c/16386 #84_e/17520                57        0.0093
e/17520 e#/4080 c/564 c#/257 #84_e/17520           6         0.001
e/17520 e#/4080 c/16386 #84_e/17520                772       0.1264
e/17520 e#/4080 c/16386 #84_e/17544                5         0.0008
e/17521 e#/4060 c/16408 #84_e/17520                41        0.0067
e/17521 e#/4060 c/16408 #84_e/17521                5         0.0008
e/17521 e#/4080 c/16386 #84_e/17520                5         0.0008
e/17523 e#/4060 c/16408 #84_e/17520                33        0.0054
e/17526 e#/4060 c/16408 #84_e/17520                33        0.0054
e/17532 e#/4060 c/16408 #84_e/17520                31        0.0051
e/17533 e#/4060 c/16408 #84_e/17520                6         0.001
e/17544 e#/4060 c/16408 #84_e/17520                36        0.0059
e/17676 e#/4060 c/1135 c#/501 #84_e/17676          9         0.0015
e/17676 e#/4060 c/16408 #84_e/17676                121       0.0198
e/17676 e#/4080 c/16386 #84_e/17676                19        0.0031
e/17706 e#/4060 c/16408 #84_e/17706                6         0.001
e/17928 e#/4060 c/16408 #84_e/17520                10        0.0016
e/20247 e#/4060 c/16408 #84_e/20247                5         0.0008
e/32773 c/32773 #84_e/32773                        5         0.0008
e/32773 c/32773 SSL_4.0 #84_e/32773                17        0.0028
e/32773 e#/7513 c/32773 SSL_4.0 #84_e/65536        12        0.002
e/32773 e#/8177 c/32773 #84_e/32773                54        0.0088
e/32773 e#/8177 c/32773 SSL_4.0 #84_e/32773        45        0.0074
e/49153 c/49153 #84_e/49153                        9         0.0015
e/49153 e#/12272 c/49153 #84_e/49153               23        0.0038
ext:OCSP_staple e/16389 e#/4081 c/16389 #84_e/16389 13        0.0021
ext:SNI e/16385 e#/4080 c/16385 TLS_1.3+ #84_e/16385 8         0.0013
ext:SNI e/16389 e#/3417 c/16389 #84_e/16392        92        0.0151
last_ext_empty                                     7         0.0011
more_groups e/16389 e#/4081 c/16389 #84_e/16389    8         0.0013
more_sigalgs 131076                                24        0.0039
more_sigalgs e/16389 e#/4081 c/16389 #84_e/16389   11        0.0018
secure_renego_ext c/312 c#/129 TLS_1.3+            64        0.0105
secure_renego_ext e/12288 c/12288 #84_e/12288      56        0.0092
secure_renego_scsv e/16389 e#/3417 c/16389 #84_e/16392 13        0.0021
secure_renego_scsv e/16389 e#/4081 c/16389 #84_e/16389 10        0.0016
secure_renego_scsv e/16389 e#/4081 c/16389 SSL_4.0+ #84_e/16389 21        0.0034
secure_renego_scsv SSL_4.0+                        15        0.0025
secure_renego_scsv SSL_4.0+ SSL_3.254              23        0.0038
SSL_4.0+                                           8         0.0013
SSL_4.0+ SSL_3.254                                 337       0.0552
TLS_1.3+ 66741                                     39        0.0064



Statistics from 637803 chains provided by 727258 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  582971    80.1601
incomplete                18958     2.6068
untrusted                 125329    17.2331

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
1                         1         0.0002
2                         1         0.0002
3                         631334    98.9857
4                         6458      1.0125
5                         9         0.0014

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 77654     
ECDSA 384                 77160     
RSA 1024                  2         
RSA 2045                  2         
RSA 2048                  923610    
RSA 4096                  203652    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 77654     12.1752
ECDSA 384                 77160     12.0978
RSA 1024                  2         0.0003
RSA 2045                  2         0.0003
RSA 2048                  560282    87.8456
RSA 4096                  203070    31.839

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              77131     
sha1WithRSAEncryption          7198      
sha256WithRSAEncryption        375546    
sha384WithRSAEncryption        184338    
sha512WithRSAEncryption        64        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        7155      1.1218
112                       553491    86.7809
128                       77157     12.0973

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 166931    26.1728
(2c543cd1) GeoTrust Global CA                 85802     13.4527
(eed8c118) COMODO ECC Certification Authority 77124     12.0921
(2e5ac55d) DST Root CA X3                     46689     7.3203
(cbf06781) Go Daddy Root Certificate Authorit 43879     6.8797
(5ad8a5d6) GlobalSign Root CA                 33632     5.2731
(b204d74a) VeriSign Class 3 Public Primary Ce 29401     4.6097
(244b5494) DigiCert High Assurance EV Root CA 19279     3.0227
(fc5a8f99) USERTrust RSA Certification Author 17292     2.7112
(2e4eed3c) thawte Primary Root CA             15356     2.4076
(653b494a) Baltimore CyberTrust Root          13911     2.1811
(4bfab552) Starfield Root Certificate Authori 12512     1.9617
(3513523f) DigiCert Global Root CA            10193     1.5981
(062cdee6) GlobalSign                         9227      1.4467
(ae8153b9) StartCom Certification Authority   8760      1.3735
(e2799e36) GeoTrust Primary Certification Aut 6576      1.031

Intermediate CA                               Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 100218    15.713
(6cfa716c) COMODO ECC Domain Validation Secur 77064     12.0827
(4f06f81d) Let's Encrypt Authority X3         46689     7.3203
(27eb7704) Go Daddy Secure Certificate Author 43879     6.8797
(1400f578) cPanel, Inc. Certification Authori 33625     5.272
(53f3e569) RapidSSL SHA256 CA - G3            29554     4.6337
(7d9c641e) Symantec Class 3 Secure Server CA  21947     3.441
(80ecc636) RapidSSL SHA256 CA                 21392     3.354
(493a2f06) COMODO RSA Domain Validation Secur 18352     2.8774
(16744f0c) AlphaSSL CA - SHA256 - G2          16029     2.5132
(38ae8eda) DigiCert SHA2 High Assurance Serve 15557     2.4392
(10310d4b) GeoTrust SSL CA - G3               13190     2.068
(cd7781e5) Starfield Secure Certificate Autho 12512     1.9617
(b85455c4) GlobalSign Organization Validation 10488     1.6444
(c4c7a654) Google Internet Authority G2       10461     1.6402
(c43a77d9) COMODO RSA Organization Validation 10356     1.6237
(85cf5865) DigiCert SHA2 Secure Server CA     10134     1.5889
(d7d634d4) GlobalSign Domain Validation CA -  10091     1.5821
(3d97f5e2) Verizon Akamai SureServer CA G14-S 9563      1.4994
(9ad474ec) thawte SSL CA - G2                 8816      1.3822
(fd917e82) SecureCore RSA DV CA               6808      1.0674

Scan performed between 24th of October and 28th of November 2016.

September 2016 scan results

There are additional tests performed against the servers, “last ext empty” is when the server rejects connections with last extension in Client Hello being empty.
Test with “more groups” and “more sigalgs” represents connections rejected by server when the groups extension or the signature algorithms extension included undefined codepoints. For “secure renego” tests check if the server that recognises the secure renegotiation extension or signalling cipher suite value, but does not the other, “secure renego ext” for extensions and “secure renego scsv” for the cipher suite value.

SSL/TLS survey of 617341 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      530948    86.0056
3DES Only                 458       0.0742
3DES Preferred            1424      0.2307
3DES forced in TLS1.1+    874       0.1416
AES                       613965    99.4531
AES Only                  53257     8.6268
AES-CBC                   613426    99.3658
AES-CBC Only              4167      0.675
AES-GCM                   534925    86.6498
AES-GCM Only              502       0.0813
CAMELLIA                  267704    43.364
CAMELLIA Only             1         0.0002
CHACHA20                  92079     14.9154
CHACHA20 Only             1         0.0002
Insecure                  47164     7.6399
RC4                       141007    22.841
RC4 Only                  89        0.0144
RC4 Preferred             10850     1.7575
RC4 forced in TLS1.1+     5931      0.9607
x:FF 29 3DES Only         499       0.0808
x:FF 29 3DES Preferred    1718      0.2783
x:FF 29 RC4 Only          131       0.0212
x:FF 29 RC4 Preferred     12343     1.9994
x:FF 29 incompatible      493       0.0799
x:FF 35 3DES Only         505       0.0818
x:FF 35 3DES Preferred    1608      0.2605
x:FF 35 RC4 Only          147       0.0238
x:FF 35 RC4 Preferred     12357     2.0016
x:FF 35 incompatible      495       0.0802
x:FF 44 3DES Only         3262      0.5284
x:FF 44 3DES Preferred    6200      1.0043
x:FF 44 incompatible      642       0.104
y:DHE-RSA-SEED-SHA        77072     12.4845
y:IDEA-CBC-SHA            76282     12.3565
y:SEED-SHA                91038     14.7468
z:ADH-AES128-GCM-SHA256   420       0.068
z:ADH-AES128-SHA          636       0.103
z:ADH-AES128-SHA256       275       0.0445
z:ADH-AES256-GCM-SHA384   432       0.07
z:ADH-AES256-SHA          675       0.1093
z:ADH-AES256-SHA256       276       0.0447
z:ADH-CAMELLIA128-SHA     327       0.053
z:ADH-CAMELLIA256-SHA     345       0.0559
z:ADH-DES-CBC-SHA         218       0.0353
z:ADH-DES-CBC3-SHA        642       0.104
z:ADH-RC4-MD5             442       0.0716
z:ADH-SEED-SHA            262       0.0424
z:AECDH-AES128-SHA        7916      1.2823
z:AECDH-AES256-SHA        7961      1.2896
z:AECDH-DES-CBC3-SHA      7860      1.2732
z:AECDH-NULL-SHA          51        0.0083
z:AECDH-RC4-SHA           7371      1.194
z:DES-CBC-MD5             5046      0.8174
z:DES-CBC-SHA             29895     4.8425
z:DES-CBC3-MD5            13554     2.1955
z:ECDHE-RSA-NULL-SHA      57        0.0092
z:EDH-RSA-DES-CBC-SHA     25634     4.1523
z:EXP-ADH-DES-CBC-SHA     131       0.0212
z:EXP-ADH-RC4-MD5         130       0.0211
z:EXP-DES-CBC-SHA         8638      1.3992
z:EXP-EDH-RSA-DES-CBC-SHA 6804      1.1021
z:EXP-RC2-CBC-MD5         10304     1.6691
z:EXP-RC4-MD5             10764     1.7436
z:EXP1024-DES-CBC-SHA     2644      0.4283
z:EXP1024-RC4-SHA         2694      0.4364
z:IDEA-CBC-MD5            1036      0.1678
z:NULL-MD5                174       0.0282
z:NULL-SHA                173       0.028
z:NULL-SHA256             55        0.0089
z:RC2-CBC-MD5             5209      0.8438
z:RC4-64-MD5              550       0.0891

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               144584    23.4204
Server side               472757    76.5796

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       834       0.1351
AECDH                     7967      1.2905
DHE                       341995    55.3981
ECDH                      1         0.0002
ECDHE                     556450    90.1366
ECDHE and DHE             305194    49.4369
RSA                       523699    84.8314

Supported NPN protocols   Count    Percent 
-------------------------+---------+--------
None                      366921    59.4357  
None Only                 366921    59.4357  
h2                        145644    23.5921  
h2 Only                   59        0.0096   
h2-12                     5         0.0008   
h2-14                     2315      0.375    
h2-14 Only                2         0.0003   
h2-16                     65        0.0105   
h2-17                     1150      0.1863   
h2-fb                     42        0.0068   
h2c                       1153      0.1868   
http                      1         0.0002   
http/1                    1         0.0002   
http/1.0                  17848     2.8911   
http/1.1                  250648    40.6012  
http/1.1 Only             79415     12.864   
http1.0                   17        0.0028   
http1.1                   17        0.0028   
https                     1         0.0002   
https Only                1         0.0002   
spdy                      1         0.0002   
spdy/2                    15091     2.4445   
spdy/2 Only               1         0.0002   
spdy/3                    15278     2.4748   
spdy/3.0                  1         0.0002   
spdy/3.1                  110468    17.8942  
spdy/3.1 Only             1         0.0002   
x-mod-spdy/0.9.4.1-0      1         0.0002   
x-mod-spdy/0.9.4.1-146826 71        0.0115   
x-mod-spdy/0.9.4.1-1e75259 2         0.0003   
x-mod-spdy/0.9.4.1-4e5ad45 2         0.0003   
x-mod-spdy/0.9.4.1-51b34c6 1         0.0002   
x-mod-spdy/0.9.4.1-6bd08c0 2         0.0003   
x-mod-spdy/0.9.4.1-ab03b62 1         0.0002   
x-mod-spdy/0.9.4.1-df466c5 1         0.0002   
x-mod-spdy/0.9.4.1-f7ff75d 1         0.0002   
x-mod-spdy/0.9.4.2-146826 84        0.0136   
x-mod-spdy/0.9.4.2-3a57358 3         0.0005   
x-mod-spdy/0.9.4.2-413    8         0.0013   
x-mod-spdy/0.9.4.2-414    1         0.0002   
x-mod-spdy/0.9.4.3-146826 854       0.1383   
x-mod-spdy/0.9.4.3-420    202       0.0327   

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               108434    17.5647  31.7063
DH,1338bits               1         0.0002   0.0003
DH,2046bits               1         0.0002   0.0003
DH,2048bits               213049    34.5107  62.2959
DH,2049bits               1         0.0002   0.0003
DH,2236bits               91        0.0147   0.0266
DH,2432bits               2         0.0003   0.0006
DH,3072bits               156       0.0253   0.0456
DH,3092bits               1         0.0002   0.0003
DH,4094bits               1         0.0002   0.0003
DH,4096bits               19952     3.2319   5.834
DH,512bits                89        0.0144   0.026
DH,6144bits               1         0.0002   0.0003
DH,768bits                310       0.0502   0.0906
DH,8192bits               5         0.0008   0.0015
ECDH,B-571,570bits        5789      0.9377   1.0403
ECDH,P-192,192bits        82        0.0133   0.0147
ECDH,P-224,224bits        81        0.0131   0.0146
ECDH,P-256,256bits        521108    84.4117  93.6487
ECDH,P-384,384bits        14019     2.2709   2.5194
ECDH,P-521,521bits        17236     2.792    3.0975
Prefer DH,1024bits        37181     6.0228   10.8718
Prefer DH,2048bits        4883      0.791    1.4278
Prefer DH,3072bits        8         0.0013   0.0023
Prefer DH,4096bits        379       0.0614   0.1108
Prefer DH,768bits         33        0.0053   0.0096
Prefer ECDH,B-571,570bits 5568      0.9019   1.0006
Prefer ECDH,P-192,192bits 3         0.0005   0.0005
Prefer ECDH,P-224,224bits 79        0.0128   0.0142
Prefer ECDH,P-256,256bits 489198    79.2428  87.9141
Prefer ECDH,P-384,384bits 11465     1.8572   2.0604
Prefer ECDH,P-521,521bits 16733     2.7105   3.0071
Prefer PFS                565530    91.6074  0
Support PFS               593251    96.0978  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      1         0.0002   
None Only                 1         0.0002   
brainpoolP256r1           37819     6.1261   
brainpoolP384r1           37835     6.1287   
brainpoolP512r1           37847     6.1306   
prime192v1                1655      0.2681   
prime256v1                533959    86.4934  
prime256v1 Only           443013    71.7615  
secp160k1                 1531      0.248    
secp160r1                 1545      0.2503   
secp160r2                 1529      0.2477   
secp192k1                 1543      0.2499   
secp224k1                 1614      0.2614   
secp224r1                 5247      0.8499   
secp224r1 Only            2         0.0003   
secp256k1                 40064     6.4898   
secp384r1                 99404     16.102   
secp384r1 Only            7234      1.1718   
secp521r1                 69486     11.2557  
secp521r1 Only            145       0.0235   
sect163k1                 1531      0.248    
sect163k1 Only            3         0.0005   
sect163r1                 1530      0.2478   
sect163r2                 1530      0.2478   
sect193r1                 1530      0.2478   
sect193r2                 1530      0.2478   
sect233k1                 1606      0.2601   
sect233r1                 1606      0.2601   
sect239k1                 1606      0.2601   
sect283k1                 39167     6.3445   
sect283k1 Only            1         0.0002   
sect283r1                 39164     6.344    
sect409k1                 39168     6.3446   
sect409r1                 39167     6.3445   
sect571k1                 39169     6.3448   
sect571r1                 39174     6.3456   
sect571r1 Only            2         0.0003   
server                    38749     6.2768   
server Only               38749     6.2768   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          556236    90.1019  
unknown                        61105     9.8981   

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          37735     6.1125   
client                    18709     3.0306   
server                    500010    80.9941  
unknown                   60887     9.8628   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     60396     9.7832   
ECDSA-SHA1 Only                4         0.0006   
ECDSA-SHA224                   60341     9.7743   
ECDSA-SHA256                   79253     12.8378  
ECDSA-SHA384                   79228     12.8337  
ECDSA-SHA512                   79233     12.8346  
ECDSA-SHA512 Only              22        0.0036   
RSA-MD5                        19577     3.1712   
RSA-SHA1                       481896    78.0599  
RSA-SHA1 Only                  26070     4.2229   
RSA-SHA224                     411504    66.6575  
RSA-SHA256                     464624    75.2621  
RSA-SHA256 Only                7718      1.2502   
RSA-SHA384                     427149    69.1917  
RSA-SHA384 Only                4         0.0006   
RSA-SHA512                     427025    69.1717  
RSA-SHA512 Only                100       0.0162   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         291070    47.149   
indeterminate                  44        0.0071   
intolerant                     6217      1.0071   
order-fallback                 6         0.001    
server                         252346    40.8763  
unsupported                    12582     2.0381   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     60314     9.77     
ECDSA intolerant               218       0.0353   
ECDSA pfs-rsa-SHA512           18785     3.0429   
ECDSA soft-nopfs               9         0.0015   
RSA False                      19392     3.1412   
RSA SHA1                       419870    68.0127  
RSA intolerant                 51966     8.4177   
RSA pfs-ecdsa-SHA512           21        0.0034   
RSA soft-nopfs                 369       0.0598   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     3666      0.5938   
insecure                  14566     2.3595   
secure                    599109    97.0467  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      5637      0.9131   
False                     3666      0.5938   
NONE                      608038    98.4931  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         3         0.0005   
1 only                    3         0.0005   
2                         1         0.0002   
2 only                    1         0.0002   
5                         6         0.001    
5 only                    6         0.001    
10                        9         0.0015   
10 only                   9         0.0015   
12                        1         0.0002   
12 only                   1         0.0002   
15                        7         0.0011   
15 only                   7         0.0011   
30                        24        0.0039   
30 only                   24        0.0039   
60                        151       0.0245   
60 only                   143       0.0232   
65                        1         0.0002   
65 only                   1         0.0002   
70                        10        0.0016   
70 only                   8         0.0013   
90                        1         0.0002   
90 only                   1         0.0002   
100                       17        0.0028   
100 only                  17        0.0028   
120                       32        0.0052   
120 only                  32        0.0052   
128                       5         0.0008   
128 only                  5         0.0008   
150                       8         0.0013   
150 only                  6         0.001    
180                       99        0.016    
180 only                  98        0.0159   
240                       17        0.0028   
240 only                  17        0.0028   
300                       304473    49.3201  
300 only                  301855    48.896   
302                       1         0.0002   
302 only                  1         0.0002   
360                       2         0.0003   
360 only                  1         0.0002   
400                       6         0.001    
400 only                  6         0.001    
420                       114       0.0185   
420 only                  100       0.0162   
450                       1         0.0002   
450 only                  1         0.0002   
480                       14        0.0023   
480 only                  14        0.0023   
500                       5         0.0008   
500 only                  5         0.0008   
540                       4         0.0006   
540 only                  4         0.0006   
600                       36341     5.8867   
600 only                  36218     5.8668   
660                       1         0.0002   
660 only                  1         0.0002   
700                       1         0.0002   
700 only                  1         0.0002   
720                       2         0.0003   
720 only                  2         0.0003   
840                       2         0.0003   
840 only                  2         0.0003   
900                       1855      0.3005   
900 only                  1836      0.2974   
960                       3         0.0005   
960 only                  3         0.0005   
1200                      3924      0.6356   
1200 only                 3920      0.635    
1320                      1         0.0002   
1320 only                 1         0.0002   
1380                      1         0.0002   
1380 only                 1         0.0002   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      10        0.0016   
1500 only                 9         0.0015   
1800                      895       0.145    
1800 only                 886       0.1435   
1920                      1         0.0002   
1920 only                 1         0.0002   
1980                      2         0.0003   
1980 only                 2         0.0003   
2100                      2         0.0003   
2100 only                 1         0.0002   
2400                      6         0.001    
2400 only                 6         0.001    
2700                      10        0.0016   
2700 only                 10        0.0016   
3000                      46        0.0075   
3000 only                 46        0.0075   
3600                      1309      0.212    
3600 only                 1298      0.2103   
3840                      5         0.0008   
3840 only                 5         0.0008   
3900                      1         0.0002   
3900 only                 1         0.0002   
4100                      1         0.0002   
4100 only                 1         0.0002   
4200                      1         0.0002   
4500                      2         0.0003   
4500 only                 2         0.0003   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      17        0.0028   
5400 only                 17        0.0028   
6000                      385       0.0624   
6000 only                 385       0.0624   
7200                      15426     2.4988   
7200 only                 15407     2.4957   
7500                      2         0.0003   
7500 only                 2         0.0003   
9000                      2         0.0003   
9000 only                 2         0.0003   
10800                     5668      0.9181   
10800 only                5641      0.9138   
14400                     234       0.0379   
14400 only                234       0.0379   
18000                     8         0.0013   
18000 only                8         0.0013   
21600                     4933      0.7991   
21600 only                4932      0.7989   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     1747      0.283    
28800 only                1746      0.2828   
30000                     2         0.0003   
30000 only                1         0.0002   
30322                     1         0.0002   
30342                     1         0.0002   
30359                     1         0.0002   
30375                     1         0.0002   
30389                     1         0.0002   
30407                     1         0.0002   
30426                     1         0.0002   
30447                     1         0.0002   
30463                     1         0.0002   
30481                     1         0.0002   
30496                     1         0.0002   
30513                     1         0.0002   
30533                     1         0.0002   
30555                     1         0.0002   
30574                     1         0.0002   
36000                     1425      0.2308   
36000 only                1422      0.2303   
43200                     70        0.0113   
43200 only                70        0.0113   
54000                     1         0.0002   
54000 only                1         0.0002   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     80026     12.963   
64800 only                80024     12.9627  
72000                     16        0.0026   
72000 only                16        0.0026   
79200                     1         0.0002   
79200 only                1         0.0002   
86400                     3726      0.6036   
86400 only                3720      0.6026   
90000                     1         0.0002   
90000 only                1         0.0002   
100000                    1         0.0002   
100000 only               1         0.0002   
100800                    10409     1.6861   
100800 only               10396     1.684    
108000                    1         0.0002   
108000 only               1         0.0002   
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    7         0.0011   
129600 only               7         0.0011   
172800                    55        0.0089   
172800 only               55        0.0089   
216000                    3         0.0005   
216000 only               3         0.0005   
259200                    1         0.0002   
259200 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    1         0.0002   
864000                    3         0.0005   
864000 only               3         0.0005   
7776000                   1         0.0002   
7776000 only              1         0.0002   
None                      146605    23.7478  
None only                 143741    23.2839  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      8517      1.3796   
ecdsa-with-SHA256         77357     12.5307  
sha1WithRSAEncryption     8710      1.4109   
sha256WithRSAEncryption   550018    89.0947  
sha384WithRSAEncryption   12        0.0019   
sha512WithRSAEncryption   94        0.0152   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 79263     12.8394  
ECDSA 384                 64        0.0104   
ECDSA 521                 1         0.0002   
RSA 1024                  8         0.0013   
RSA 2048                  522923    84.7057  
RSA 2049                  4         0.0006   
RSA 2056                  1         0.0002   
RSA 2058                  1         0.0002   
RSA 2059                  1         0.0002   
RSA 2060                  1         0.0002   
RSA 2080                  7         0.0011   
RSA 2084                  1         0.0002   
RSA 2086                  1         0.0002   
RSA 2096                  2         0.0003   
RSA 2432                  4         0.0006   
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3048                  1         0.0002   
RSA 3050                  1         0.0002   
RSA 3072                  171       0.0277   
RSA 3096                  2         0.0003   
RSA 3248                  3         0.0005   
RSA 4048                  1         0.0002   
RSA 4056                  11        0.0018   
RSA 4068                  2         0.0003   
RSA 4069                  1         0.0002   
RSA 4086                  3         0.0005   
RSA 4092                  2         0.0003   
RSA 4094                  1         0.0002   
RSA 4096                  35502     5.7508   
RSA 4098                  1         0.0002   
RSA 4196                  1         0.0002   
RSA 8192                  12        0.0019   
RSA 8392                  1         0.0002   
RSA/ECDSA Dual Stack      20648     3.3447

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 147812    23.9433  
Unsupported               469529    76.0567  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      13670     2.2143
SSL2 Only                 7         0.0011
SSL3                      79648     12.9018
SSL3 Only                 291       0.0471
SSL3 or TLS1 Only         40940     6.6317
SSL3 or lower Only        298       0.0483
TLS1                      602893    97.6596
TLS1 Only                 24668     3.9958
TLS1 or lower Only        53665     8.6929
TLS1.1                    554533    89.826
TLS1.1 Only               43        0.007
TLS1.1 or up Only         13986     2.2655
TLS1.2                    562252    91.0764
TLS1.2 Only               4393      0.7116
TLS1.2, 1.0 but not 1.1   4370      0.7079

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
ext:ALPN                                 5         0.0008
ext:EMS                                  396       0.0641
ext:EtM                                  63        0.0102
ext:ext #38                              23        0.0037
ext:key share                            423       0.0685
ext:NPN                                  5         0.0008
ext:OCSP staple                          13        0.0021
ext:padding                              402       0.0651
ext:SNI                                  109       0.0177
last ext empty                           18        0.0029
more groups                              415       0.0672
more sigalgs                             485       0.0786
secure renego ext                        567       0.0918
secure renego scsv                       526       0.0852
size c#/12                               77        0.0125
size c#/20                               40        0.0065
size c#/22                               363       0.0588
size c#/129                              1334      0.2161
size c#/201                              75        0.0121
size c#/257                              419       0.0679
size c#/304                              17        0.0028
size c#/475                              21        0.0034
size c#/501                              180       0.0292
size c#/606                              5         0.0008
size c#/612                              236       0.0382
size c#/614                              10        0.0016
size c#/651                              6         0.001
size c#/653                              161       0.0261
size c#/703                              6         0.001
size c#/734                              6         0.001
size c#/943                              5         0.0008
size c#/945                              6         0.001
size c#/998                              29        0.0047
size c#/1000                             159       0.0258
size c#/1001                             10        0.0016
size c#/1972                             36        0.0058
size c#/1979                             8         0.0013
size c#/1980                             16        0.0026
size c#/1981                             22        0.0036
size c#/1982                             44        0.0071
size c#/1983                             49        0.0079
size c#/1984                             73        0.0118
size c#/1985                             109       0.0177
size c#/1986                             137       0.0222
size c#/1987                             135       0.0219
size c#/1988                             117       0.019
size c#/1989                             62        0.01
size c#/1990                             35        0.0057
size c#/1991                             5         0.0008
size c#/2013                             5         0.0008
size c#/2021                             713       0.1155
size c#/2027                             8         0.0013
size c#/3223                             8         0.0013
size c#/4017                             5         0.0008
size c#/4018                             7         0.0011
size c#/4019                             15        0.0024
size c#/4020                             14        0.0023
size c#/4021                             17        0.0028
size c#/4022                             20        0.0032
size c#/4023                             11        0.0018
size c#/4024                             8         0.0013
size c#/4035                             69        0.0112
size c#/4088                             8         0.0013
size c#/4317                             34        0.0055
size c#/5023                             13        0.0021
size c#/5056                             9         0.0015
size c#/5075                             120       0.0194
size c#/5098                             4811      0.7793
size c#/5103                             6         0.001
size c#/5261                             7         0.0011
size c#/5510                             9         0.0015
size c#/5747                             5         0.0008
size c#/5748                             6         0.001
size c#/5751                             264       0.0428
size c#/5757                             6         0.001
size c#/6119                             55        0.0089
size c#/6207                             5         0.0008
size c#/6773                             7         0.0011
size c#/7086                             18        0.0029
size c#/7087                             46        0.0075
size c#/7088                             76        0.0123
size c#/7089                             138       0.0224
size c#/7090                             224       0.0363
size c#/7091                             355       0.0575
size c#/7092                             486       0.0787
size c#/7093                             563       0.0912
size c#/7094                             579       0.0938
size c#/7095                             491       0.0795
size c#/7096                             249       0.0403
size c#/7097                             98        0.0159
size c#/7103                             27        0.0044
size c#/7104                             31        0.005
size c#/7105                             2162      0.3502
size c#/7106                             79        0.0128
size c#/7107                             78025     12.6389
size c#/7146                             7         0.0011
size c#/7235                             12        0.0019
size c#/7656                             5         0.0008
size c#/8038                             5         0.0008
size c#/8091                             11        0.0018
size c#/8102                             6         0.001
size c#/8107                             10        0.0016
size c#/8108                             9         0.0015
size c#/8109                             24        0.0039
size c#/8110                             86        0.0139
size c#/8111                             29        0.0047
size c#/8112                             42        0.0068
size c#/8113                             44        0.0071
size c#/8114                             40        0.0065
size c#/8115                             38        0.0062
size c#/8116                             27        0.0044
size c#/8117                             20        0.0032
size c#/8118                             20        0.0032
size c#/8119                             11        0.0018
size c#/8120                             22        0.0036
size c#/8121                             21        0.0034
size c#/8122                             10        0.0016
size c#/8123                             13        0.0021
size c#/8124                             20        0.0032
size c#/8125                             34        0.0055
size c#/8126                             9054      1.4666
size c#/8127                             115       0.0186
size c#/8128                             463       0.075
size c#/8129                             496       0.0803
size c#/8130                             1058      0.1714
size c#/8131                             1875      0.3037
size c#/8132                             3274      0.5303
size c#/8133                             5263      0.8525
size c#/8134                             7846      1.2709
size c#/8135                             11111     1.7998
size c#/8136                             12963     2.0998
size c#/8137                             12113     1.9621
size c#/8138                             16315     2.6428
size c#/8139                             2233      0.3617
size c#/8140                             394       0.0638
size c#/8141                             23        0.0037
size c#/8142                             19        0.0031
size c#/8143                             22        0.0036
size c#/8144                             25        0.004
size c#/8145                             6063      0.9821
size c#/8146                             98        0.0159
size c#/8147                             21529     3.4874
size c#/8150                             9         0.0015
size c#/8152                             68        0.011
size c#/8164                             6         0.001
size c#/8165                             52        0.0084
size c#/8166                             1019      0.1651
size c#/8167                             162       0.0262
size c#/8168                             10471     1.6961
size c#/8169                             234       0.0379
size c#/8170                             393215    63.6949
size c#/8171                             69        0.0112
size c#/8172                             104       0.0168
size c#/8173                             81        0.0131
size c#/8259                             17        0.0028
size c#/8298                             124       0.0201
size c#/15299                            8         0.0013
size c#/16362                            113       0.0183
size c#/24552                            35        0.0057
size c/74                                60        0.0097
size c/78                                6         0.001
size c/161                               6         0.001
size c/162                               10        0.0016
size c/163                               9         0.0015
size c/164                               12        0.0019
size c/165                               15        0.0024
size c/166                               8         0.0013
size c/167                               6         0.001
size c/168                               10        0.0016
size c/169                               9         0.0015
size c/170                               8         0.0013
size c/171                               10        0.0016
size c/172                               20        0.0032
size c/173                               15        0.0024
size c/174                               15        0.0024
size c/175                               18        0.0029
size c/176                               20        0.0032
size c/177                               36        0.0058
size c/178                               20        0.0032
size c/179                               20        0.0032
size c/180                               18        0.0029
size c/181                               11        0.0018
size c/182                               9         0.0015
size c/183                               14        0.0023
size c/184                               10        0.0016
size c/185                               9         0.0015
size c/186                               7         0.0011
size c/187                               8         0.0013
size c/188                               5         0.0008
size c/194                               5         0.0008
size c/308                               1203      0.1949
size c/312                               124       0.0201
size c/391                               5         0.0008
size c/452                               74        0.012
size c/564                               333       0.0539
size c/568                               16        0.0026
size c/667                               5         0.0008
size c/670                               5         0.0008
size c/673                               8         0.0013
size c/674                               5         0.0008
size c/1000                              22        0.0036
size c/1052                              116       0.0188
size c/1097                              11        0.0018
size c/1135                              49        0.0079
size c/1344                              10        0.0016
size c/1356                              415       0.0672
size c/1456                              8         0.0013
size c/1521                              6         0.001
size c/1977                              5         0.0008
size c/2049                              189       0.0306
size c/2052                              10        0.0016
size c/2496                              5         0.0008
size c/2784                              10        0.0016
size c/4076                              39        0.0063
size c/4092                              1545      0.2503
size c/4103                              8         0.0013
size c/6496                              8         0.0013
size c/8192                              11        0.0018
size c/8226                              8         0.0013
size c/8766                              34        0.0055
size c/10095                             13        0.0021
size c/10245                             5104      0.8268
size c/10338                             6         0.001
size c/10654                             7         0.0011
size c/11074                             10        0.0016
size c/11628                             6         0.001
size c/11634                             263       0.0426
size c/12288                             60        0.0097
size c/12464                             5         0.0008
size c/12825                             5         0.0008
size c/13596                             7         0.0011
size c/14342                             6         0.001
size c/15360                             5         0.0008
size c/15362                             6         0.001
size c/16254                             6         0.001
size c/16289                             8         0.0013
size c/16350                             6         0.001
size c/16353                             136       0.022
size c/16378                             5         0.0008
size c/16380                             32        0.0052
size c/16382                             166       0.0269
size c/16383                             130       0.0211
size c/16384                             218       0.0353
size c/16385                             29768     4.822
size c/16386                             1462      0.2368
size c/16387                             199       0.0322
size c/16388                             334       0.0541
size c/16389                             560436    90.7822
size c/16392                             35        0.0057
size c/16396                             6         0.001
size c/16397                             8         0.0013
size c/16400                             75        0.0121
size c/16401                             65        0.0105
size c/16404                             10        0.0016
size c/16406                             7         0.0011
size c/16408                             8898      1.4413
size c/16645                             153       0.0248
size c/18502                             8         0.0013
size c/32773                             123       0.0199
size c/49153                             36        0.0058
size c/65536                             6         0.001
SSL 3.254                                12324     1.9963
SSL 4.0                                  15533     2.5161
SSL 4.3                                  14995     2.429
SSL 255.255                              15052     2.4382
TLS 1.0                                  13383     2.1678
TLS 1.1                                  3950      0.6398
TLS 1.2                                  27        0.0044
TLS 1.3                                  6836      1.1073
TLS 1.4                                  7445      1.206

Implementation families                               Count       Percent
-----------------------------------------------------+-----------+-------
c/177 c#/22                                        11        0.0018
c/308 c#/129 TLS_1.3+                              1199      0.1942
c/312 c#/129 TLS_1.3+                              59        0.0096
c/391 c#/129                                       5         0.0008
c/452 c#/201 SSL_4.0+                              74        0.012
c/564 c#/257                                       273       0.0442
c/564 c#/257 SSL_4.0+                              16        0.0026
c/564 c#/257 SSL_4.0+ SSL_3.254                    6         0.001
c/564 c#/257 TLS_1.3+                              34        0.0055
c/568 c#/257 TLS_1.3+                              16        0.0026
c/667 c#/257                                       5         0.0008
c/670 c#/257                                       5         0.0008
c/673 c#/257                                       8         0.0013
c/674 c#/257                                       5         0.0008
c/1000 c#/475 TLS_1.3+                             21        0.0034
c/1052 c#/501                                      91        0.0147
c/1052 c#/501 SSL_4.0+                             14        0.0023
c/1052 c#/501 TLS_1.3+                             9         0.0015
c/1097 c#/501                                      11        0.0018
c/1135 c#/501                                      48        0.0078
c/1344 c#/606                                      5         0.0008
c/1356 c#/612                                      236       0.0382
c/1356 c#/614 SSL_4.0+                             6         0.001
c/1356 c#/653 SSL_4.0+                             132       0.0214
c/1356 c#/653 TLS_1.3+                             24        0.0039
c/1456 c#/703 SSL_4.0+                             6         0.001
c/1521 c#/734 TLS_1.4 TLS_1.3 TLS_1.2 SSL_3.254    6         0.001
c/2049 c#/998 TLS_1.3+                             29        0.0047
c/2049 c#/1000 TLS_1.3+                            159       0.0258
c/2052 c#/1001                                     10        0.0016
c/4076 c#/1972                                     36        0.0058
c/4092 c#/943                                      5         0.0008
c/4092 c#/945                                      6         0.001
c/4092 c#/1979                                     8         0.0013
c/4092 c#/1980                                     16        0.0026
c/4092 c#/1981                                     21        0.0034
c/4092 c#/1982                                     43        0.007
c/4092 c#/1983                                     49        0.0079
c/4092 c#/1984                                     71        0.0115
c/4092 c#/1985                                     108       0.0175
c/4092 c#/1986                                     137       0.0222
c/4092 c#/1987                                     135       0.0219
c/4092 c#/1988                                     115       0.0186
c/4092 c#/1989                                     61        0.0099
c/4092 c#/1990                                     34        0.0055
c/4092 c#/2021                                     712       0.1153
c/4103 c#/2027                                     8         0.0013
c/6496 c#/3223                                     8         0.0013
c/8226 c#/4088                                     5         0.0008
c/8766 c#/4317                                     34        0.0055
c/10095                                            13        0.0021
c/10245                                            708       0.1147
c/10245 c#/4017 SSL_3.254                          5         0.0008
c/10245 c#/4018 SSL_3.254                          6         0.001
c/10245 c#/4019 SSL_3.254                          12        0.0019
c/10245 c#/4020 SSL_3.254                          13        0.0021
c/10245 c#/4021 SSL_3.254                          16        0.0026
c/10245 c#/4022 SSL_3.254                          18        0.0029
c/10245 c#/4023 SSL_3.254                          10        0.0016
c/10245 c#/4024 SSL_3.254                          7         0.0011
c/10245 c#/4035                                    69        0.0112
c/10245 SSL_3.254                                  4225      0.6844
c/10338                                            6         0.001
c/10654                                            7         0.0011
c/11074                                            10        0.0016
c/11628                                            6         0.001
c/11634                                            263       0.0426
c/12464                                            5         0.0008
c/12825                                            5         0.0008
c/13596                                            5         0.0008
c/14342                                            6         0.001
c/16254                                            5         0.0008
c/16289 SSL_4.0+                                   8         0.0013
c/16353                                            123       0.0199
c/16353 TLS_1.3+                                   12        0.0019
c/16380                                            31        0.005
c/16382                                            126       0.0204
c/16382 SSL_4.0+                                   11        0.0018
c/16383                                            89        0.0144
c/16383 SSL_4.0+                                   6         0.001
c/16383 TLS_1.3+                                   5         0.0008
c/16384                                            150       0.0243
c/16384 SSL_4.0+                                   22        0.0036
c/16384 TLS_1.3+                                   13        0.0021
c/16385                                            22319     3.6153
c/16385 SSL_4.0                                    12        0.0019
c/16385 SSL_4.0+                                   2410      0.3904
c/16385 TLS_1.3+                                   4773      0.7732
c/16385 TLS_1.3+ TLS_1.2                           6         0.001
c/16385 TLS_1.4 SSL_4.0+ SSL_3.254                 182       0.0295
c/16386                                            1352      0.219
c/16386 SSL_4.0+                                   39        0.0063
c/16386 TLS_1.3+                                   34        0.0055
c/16387                                            121       0.0196
c/16387 SSL_4.0+                                   55        0.0089
c/16388                                            282       0.0457
c/16388 SSL_4.0+                                   5         0.0008
c/16388 TLS_1.3+                                   5         0.0008
c/16389                                            555008    89.903
c/16389 SSL_4.0+                                   4661      0.755
c/16389 TLS_1.3+                                   198       0.0321
c/16392                                            34        0.0055
c/16396                                            6         0.001
c/16397                                            8         0.0013
c/16400                                            75        0.0121
c/16401                                            65        0.0105
c/16404                                            9         0.0015
c/16406                                            7         0.0011
c/16408                                            8897      1.4412
c/16645                                            131       0.0212
c/16645 SSL_4.0+                                   21        0.0034
c/18502 SSL_4.0                                    6         0.001
c/32773                                            59        0.0096
c/32773 SSL_4.0                                    64        0.0104
c/49153                                            36        0.0058
c/65536                                            5         0.0008
ext:OCSP_staple c/16389                            8         0.0013
ext:padding ext:key_share ext:EMS c/161 c#/22 TLS_1.4 SSL_3.254 5         0.0008
ext:padding ext:key_share ext:EMS c/162 c#/22 TLS_1.4 SSL_3.254 10        0.0016
ext:padding ext:key_share ext:EMS c/163 c#/22 TLS_1.4 SSL_3.254 7         0.0011
ext:padding ext:key_share ext:EMS c/164 c#/22 TLS_1.4 SSL_3.254 11        0.0018
ext:padding ext:key_share ext:EMS c/165 c#/22 TLS_1.4 SSL_3.254 14        0.0023
ext:padding ext:key_share ext:EMS c/166 c#/22 TLS_1.4 SSL_3.254 6         0.001
ext:padding ext:key_share ext:EMS c/167 c#/22 TLS_1.4 SSL_3.254 6         0.001
ext:padding ext:key_share ext:EMS c/168 c#/22 TLS_1.4 SSL_3.254 10        0.0016
ext:padding ext:key_share ext:EMS c/169 c#/22 TLS_1.4 SSL_3.254 9         0.0015
ext:padding ext:key_share ext:EMS c/170 c#/22 TLS_1.4 SSL_3.254 7         0.0011
ext:padding ext:key_share ext:EMS c/171 c#/22 TLS_1.4 SSL_3.254 10        0.0016
ext:padding ext:key_share ext:EMS c/172 c#/22 TLS_1.4 SSL_3.254 18        0.0029
ext:padding ext:key_share ext:EMS c/173 c#/22 TLS_1.4 SSL_3.254 15        0.0024
ext:padding ext:key_share ext:EMS c/174 c#/22 TLS_1.4 SSL_3.254 14        0.0023
ext:padding ext:key_share ext:EMS c/175 c#/22 TLS_1.4 SSL_3.254 18        0.0029
ext:padding ext:key_share ext:EMS c/176 c#/22 TLS_1.4 SSL_3.254 20        0.0032
ext:padding ext:key_share ext:EMS c/177 c#/22 TLS_1.4 SSL_3.254 24        0.0039
ext:padding ext:key_share ext:EMS c/178 c#/22 TLS_1.4 SSL_3.254 19        0.0031
ext:padding ext:key_share ext:EMS c/179 c#/22 TLS_1.4 SSL_3.254 20        0.0032
ext:padding ext:key_share ext:EMS c/180 c#/22 TLS_1.4 SSL_3.254 16        0.0026
ext:padding ext:key_share ext:EMS c/181 c#/22 TLS_1.4 SSL_3.254 11        0.0018
ext:padding ext:key_share ext:EMS c/182 c#/22 TLS_1.4 SSL_3.254 9         0.0015
ext:padding ext:key_share ext:EMS c/183 c#/22 TLS_1.4 SSL_3.254 11        0.0018
ext:padding ext:key_share ext:EMS c/184 c#/22 TLS_1.4 SSL_3.254 9         0.0015
ext:padding ext:key_share ext:EMS c/185 c#/22 TLS_1.4 SSL_3.254 8         0.0013
ext:padding ext:key_share ext:EMS c/188 c#/22 TLS_1.4 SSL_3.254 5         0.0008
ext:SNI c/16385 TLS_1.3+                           14        0.0023
ext:SNI c/16389                                    85        0.0138
last_ext_empty                                     7         0.0011
more_groups c/16382                                5         0.0008
more_groups c/16384                                5         0.0008
more_groups c/16385                                6         0.001
more_groups c/16388                                6         0.001
more_groups c/16389                                77        0.0125
more_sigalgs                                       33        0.0053
more_sigalgs c/16385                               10        0.0016
more_sigalgs c/16386                               8         0.0013
more_sigalgs c/16389                               99        0.016
more_sigalgs more_groups c/16389                   11        0.0018
secure_renego_ext c/312 c#/129 TLS_1.3+            65        0.0105
secure_renego_ext c/12288                          58        0.0094
secure_renego_ext c/16384                          5         0.0008
secure_renego_ext c/16385                          6         0.001
secure_renego_ext c/16388                          10        0.0016
secure_renego_ext c/16389                          98        0.0159
secure_renego_ext more_groups c/16389              6         0.001
secure_renego_ext more_sigalgs c/16389             10        0.0016
secure_renego_scsv c/16382                         5         0.0008
secure_renego_scsv c/16385                         14        0.0023
secure_renego_scsv c/16386                         7         0.0011
secure_renego_scsv c/16387                         9         0.0015
secure_renego_scsv c/16389                         84        0.0136
secure_renego_scsv c/16389 SSL_4.0+                23        0.0037
secure_renego_scsv more_sigalgs c/16389            16        0.0026
secure_renego_scsv more_sigalgs more_groups c/16389 5         0.0008
secure_renego_scsv secure_renego_ext c/16389       8         0.0013
secure_renego_scsv secure_renego_ext more_groups c/16389 6         0.001
secure_renego_scsv secure_renego_ext more_sigalgs more_groups ext:key_share c/74 c#/12 TLS_1.4 SSL_3.254 51        0.0083
secure_renego_scsv SSL_4.0+                        14        0.0023
secure_renego_scsv SSL_4.0+ SSL_3.254              27        0.0044
SSL_3.254 SSL_255.255                              20        0.0032
SSL_4.0                                            395       0.064
SSL_4.0 SSL_3.254 SSL_255.255                      30        0.0049
SSL_4.0+                                           11        0.0018
SSL_4.0+ SSL_3.254                                 360       0.0583
TLS_1.3+                                           37        0.006
TLS_1.3+ TLS_1.2                                   5         0.0008



Statistics from 380577 chains provided by 741802 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  355021    47.8593
incomplete                14438     1.9463
untrusted                 372343    50.1944

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0003
3                         375989    98.7945
4                         4576      1.2024
5                         11        0.0029

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 10554     
ECDSA 384                 10500     
RSA 1024                  1         
RSA 2045                  2         
RSA 2048                  599063    
RSA 4096                  145631    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 10554     2.7732
ECDSA 384                 10500     2.759
RSA 1024                  1         0.0003
RSA 2045                  2         0.0005
RSA 2048                  369728    97.1493
RSA 4096                  145057    38.115

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              10480     
sha1WithRSAEncryption          4001      
sha256WithRSAEncryption        240251    
sha384WithRSAEncryption        130369    
sha512WithRSAEncryption        73        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        3967      1.0424
112                       366102    96.1966
128                       10508     2.7611

Most common root CAs                          Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 114912    30.1942
(2c543cd1) GeoTrust Global CA                 59675     15.6801
(cbf06781) Go Daddy Root Certificate Authorit 34287     9.0092
(5ad8a5d6) GlobalSign Root CA                 25336     6.6573
(244b5494) DigiCert High Assurance EV Root CA 17608     4.6267
(b204d74a) VeriSign Class 3 Public Primary Ce 16082     4.2257
(fc5a8f99) USERTrust RSA Certification Author 15380     4.0412
(4bfab552) Starfield Root Certificate Authori 11040     2.9009
(2e4eed3c) thawte Primary Root CA             10561     2.775
(eed8c118) COMODO ECC Certification Authority 10478     2.7532
(653b494a) Baltimore CyberTrust Root          8661      2.2758
(3513523f) DigiCert Global Root CA            8436      2.2166
(ae8153b9) StartCom Certification Authority   6077      1.5968
(e2799e36) GeoTrust Primary Certification Aut 5377      1.4129
(480720ec) GeoTrust Primary Certification Aut 4278      1.1241

Most common intermediate CA                   Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 80544     21.1637
(27eb7704) Go Daddy Secure Certificate Author 34287     9.0092
(53f3e569) RapidSSL SHA256 CA - G3            23547     6.1872
(1400f578) cPanel, Inc. Certification Authori 20473     5.3795
(80ecc636) RapidSSL SHA256 CA                 17373     4.5649
(38ae8eda) DigiCert SHA2 High Assurance Serve 14767     3.8802
(cd7781e5) Starfield Secure Certificate Autho 11040     2.9009
(7d9c641e) Symantec Class 3 Secure Server CA  10812     2.8409
(16744f0c) AlphaSSL CA - SHA256 - G2          10734     2.8205
(10310d4b) GeoTrust SSL CA - G3               10577     2.7792
(6cfa716c) COMODO ECC Domain Validation Secur 10433     2.7414
(c43a77d9) COMODO RSA Organization Validation 8974      2.358
(85cf5865) DigiCert SHA2 Secure Server CA     8419      2.2122
(d7d634d4) GlobalSign Domain Validation CA -  7954      2.09
(fd917e82) SecureCore RSA DV CA               7248      1.9045
(3d97f5e2) Verizon Akamai SureServer CA G14-S 6322      1.6612
(9ad474ec) thawte SSL CA - G2                 5746      1.5098
(b85455c4) GlobalSign Organization Validation 4922      1.2933
(a0f7ac3e) Symantec Class 3 EV SSL CA - G3    4831      1.2694
(b71a5f76) GeoTrust EV SSL CA - G4            4278      1.1241
(98d7cad7) GeoTrust DV SSL CA - G3            4266      1.1209

Scan performed between 1st and 21st of October 2016.

August 2016 scan results

This month, the results include information about size intolerance of the servers.

The “size e/16382” and “size c/16382” mean that the server is rejecting Client Hello’s that are 16382 bytes long. For “size c#/8110” means that the Client Hello was rejected when it had 8110 ciphers. For “extensions” it means that all Client Hello’s that included extensions were rejected by the server.

SSL/TLS survey of 605462 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      535996    88.5268
3DES Only                 543       0.0897
3DES Preferred            1649      0.2724
3DES forced in TLS1.1+    987       0.163
AES                       601689    99.3768
AES Only                  46301     7.6472
AES-CBC                   601111    99.2814
AES-CBC Only              4726      0.7806
AES-GCM                   516492    85.3054
AES-GCM Only              535       0.0884
CAMELLIA                  263593    43.5358
CAMELLIA Only             1         0.0002
CHACHA20                  86307     14.2547
CHACHA20 Only             3         0.0005
Insecure                  48213     7.963
RC4                       145145    23.9726
RC4 Only                  116       0.0192
RC4 Preferred             11905     1.9663
RC4 forced in TLS1.1+     6522      1.0772
x:FF 29 3DES Only         590       0.0974
x:FF 29 3DES Preferred    1951      0.3222
x:FF 29 RC4 Only          168       0.0277
x:FF 29 RC4 Preferred     13397     2.2127
x:FF 29 incompatible      510       0.0842
x:FF 35 3DES Only         599       0.0989
x:FF 35 3DES Preferred    1866      0.3082
x:FF 35 RC4 Only          187       0.0309
x:FF 35 RC4 Preferred     13412     2.2152
x:FF 35 incompatible      512       0.0846
x:FF 44 3DES Only         3632      0.5999
x:FF 44 3DES Preferred    6943      1.1467
x:FF 44 incompatible      699       0.1154
y:DHE-RSA-SEED-SHA        74877     12.3669
y:IDEA-CBC-SHA            71395     11.7918
y:SEED-SHA                85777     14.1672
z:ADH-AES128-GCM-SHA256   445       0.0735
z:ADH-AES128-SHA          678       0.112
z:ADH-AES128-SHA256       276       0.0456
z:ADH-AES256-GCM-SHA384   456       0.0753
z:ADH-AES256-SHA          714       0.1179
z:ADH-AES256-SHA256       276       0.0456
z:ADH-CAMELLIA128-SHA     351       0.058
z:ADH-CAMELLIA128-SHA256  1         0.0002
z:ADH-CAMELLIA256-SHA     371       0.0613
z:ADH-CAMELLIA256-SHA256  1         0.0002
z:ADH-DES-CBC-SHA         257       0.0424
z:ADH-DES-CBC3-SHA        682       0.1126
z:ADH-RC4-MD5             471       0.0778
z:ADH-SEED-SHA            288       0.0476
z:AECDH-AES128-SHA        8082      1.3348
z:AECDH-AES256-SHA        8133      1.3433
z:AECDH-DES-CBC3-SHA      8050      1.3296
z:AECDH-NULL-SHA          57        0.0094
z:AECDH-RC4-SHA           7539      1.2452
z:DES-CBC-MD5             5574      0.9206
z:DES-CBC-SHA             29852     4.9304
z:DES-CBC3-MD5            14882     2.458
z:ECDHE-RSA-NULL-SHA      63        0.0104
z:EDH-RSA-DES-CBC-SHA     25216     4.1648
z:EXP-ADH-DES-CBC-SHA     157       0.0259
z:EXP-ADH-RC4-MD5         155       0.0256
z:EXP-DES-CBC-SHA         9166      1.5139
z:EXP-EDH-RSA-DES-CBC-SHA 7255      1.1983
z:EXP-RC2-CBC-MD5         10960     1.8102
z:EXP-RC4-MD5             11455     1.8919
z:EXP1024-DES-CBC-SHA     2832      0.4677
z:EXP1024-RC4-SHA         2897      0.4785
z:IDEA-CBC-MD5            1185      0.1957
z:NULL-MD5                190       0.0314
z:NULL-SHA                196       0.0324
z:NULL-SHA256             51        0.0084
z:RC2-CBC-MD5             5736      0.9474
z:RC4-64-MD5              625       0.1032

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               142239    23.4926
Server side               463223    76.5074

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       883       0.1458
AECDH                     8142      1.3448
DHE                       328057    54.1829
ECDH                      3         0.0005
ECDHE                     539975    89.184
ECDHE and DHE             289126    47.753
RSA                       517856    85.5307

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               111844    18.4725  34.0929
DH,1338bits               1         0.0002   0.0003
DH,2048bits               197388    32.6012  60.1688
DH,2049bits               1         0.0002   0.0003
DH,2236bits               89        0.0147   0.0271
DH,2432bits               2         0.0003   0.0006
DH,3072bits               144       0.0238   0.0439
DH,4094bits               1         0.0002   0.0003
DH,4096bits               18257     3.0154   5.5652
DH,5120bits               1         0.0002   0.0003
DH,512bits                101       0.0167   0.0308
DH,6144bits               1         0.0002   0.0003
DH,768bits                334       0.0552   0.1018
DH,8192bits               7         0.0012   0.0021
ECDH,B-571,570bits        5326      0.8797   0.9863
ECDH,P-192,192bits        75        0.0124   0.0139
ECDH,P-224,224bits        89        0.0147   0.0165
ECDH,P-256,256bits        504975    83.4033  93.5182
ECDH,P-384,384bits        14384     2.3757   2.6638
ECDH,P-521,521bits        17077     2.8205   3.1626
ECDH,secp256k1,256bits    1         0.0002   0.0002
Prefer DH,1024bits        39397     6.5069   12.0092
Prefer DH,2048bits        4828      0.7974   1.4717
Prefer DH,3072bits        6         0.001    0.0018
Prefer DH,4096bits        390       0.0644   0.1189
Prefer DH,768bits         37        0.0061   0.0113
Prefer ECDH,B-571,570bits 5087      0.8402   0.9421
Prefer ECDH,P-192,192bits 1         0.0002   0.0002
Prefer ECDH,P-224,224bits 87        0.0144   0.0161
Prefer ECDH,P-256,256bits 470789    77.757   87.1872
Prefer ECDH,P-384,384bits 12040     1.9886   2.2297
Prefer ECDH,P-521,521bits 16590     2.7401   3.0724
Prefer ECDH,secp256k1,256bits 1         0.0002   0.0002
Prefer PFS                549253    90.7163  0
Support PFS               578906    95.6139  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      3         0.0005   
None Only                 3         0.0005   
brainpoolP256r1           34554     5.707    
brainpoolP384r1           34555     5.7072   
brainpoolP512r1           34555     5.7072   
prime192v1                1610      0.2659   
prime256v1                517030    85.3943  
prime256v1 Only           427026    70.529   
secp160k1                 1486      0.2454   
secp160r1                 1495      0.2469   
secp160r2                 1485      0.2453   
secp192k1                 1499      0.2476   
secp224k1                 1577      0.2605   
secp224r1                 5351      0.8838   
secp256k1                 36728     6.0661   
secp256k1 Only            1         0.0002   
secp384r1                 97510     16.1051  
secp384r1 Only            6272      1.0359   
secp521r1                 65748     10.8591  
secp521r1 Only            161       0.0266   
sect163k1                 1485      0.2453   
sect163k1 Only            1         0.0002   
sect163r1                 1484      0.2451   
sect163r2                 1484      0.2451   
sect193r1                 1484      0.2451   
sect193r2                 1484      0.2451   
sect233k1                 1567      0.2588   
sect233r1                 1567      0.2588   
sect239k1                 1566      0.2586   
sect283k1                 35955     5.9384   
sect283k1 Only            4         0.0007   
sect283r1                 35953     5.9381   
sect409k1                 35955     5.9384   
sect409r1                 35954     5.9383   
sect571k1                 35955     5.9384   
sect571r1                 35958     5.9389   
server                    37765     6.2374   
server Only               37765     6.2374   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          539840    89.1617  
unknown                        65622     10.8383  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          36432     6.0172   
client                    19039     3.1445   
server                    484508    80.0229  
unknown                   65483     10.8154  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     57940     9.5696   
ECDSA-SHA1 Only                7         0.0012   
ECDSA-SHA224                   57898     9.5626   
ECDSA-SHA256                   76391     12.617   
ECDSA-SHA384                   76373     12.614   
ECDSA-SHA512                   76400     12.6185  
ECDSA-SHA512 Only              40        0.0066   
RSA-MD5                        21606     3.5685   
RSA-SHA1                       467740    77.2534  
RSA-SHA1 Only                  29183     4.82     
RSA-SHA224                     392509    64.828   
RSA-SHA256                     447656    73.9363  
RSA-SHA256 Only                7947      1.3126   
RSA-SHA384                     408435    67.4584  
RSA-SHA384 Only                4         0.0007   
RSA-SHA512                     408384    67.45    
RSA-SHA512 Only                138       0.0228   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         279050    46.0888  
indeterminate                  39        0.0064   
intolerant                     6449      1.0651   
order-fallback                 3         0.0005   
server                         246655    40.7383  
unsupported                    13741     2.2695   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     57867     9.5575   
ECDSA intolerant               282       0.0466   
ECDSA pfs-rsa-SHA512           18363     3.0329   
ECDSA soft-nopfs               16        0.0026   
RSA False                      21393     3.5333   
RSA SHA1                       403519    66.6465  
RSA intolerant                 52472     8.6664   
RSA pfs-ecdsa-SHA512           67        0.0111   
RSA soft-nopfs                 405       0.0669   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     4206      0.6947   
insecure                  15416     2.5462   
secure                    585840    96.7592  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      6044      0.9982   
False                     4206      0.6947   
NONE                      595212    98.3071  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0003   
1 only                    2         0.0003   
2                         1         0.0002   
2 only                    1         0.0002   
5                         8         0.0013   
5 only                    8         0.0013   
10                        7         0.0012   
10 only                   7         0.0012   
15                        6         0.001    
15 only                   6         0.001    
30                        29        0.0048   
30 only                   29        0.0048   
60                        164       0.0271   
60 only                   158       0.0261   
65                        2         0.0003   
65 only                   2         0.0003   
70                        8         0.0013   
70 only                   6         0.001    
75                        1         0.0002   
75 only                   1         0.0002   
90                        1         0.0002   
90 only                   1         0.0002   
100                       14        0.0023   
100 only                  14        0.0023   
120                       32        0.0053   
120 only                  31        0.0051   
128                       3         0.0005   
128 only                  3         0.0005   
150                       2         0.0003   
180                       101       0.0167   
180 only                  98        0.0162   
240                       12        0.002    
240 only                  12        0.002    
300                       295067    48.7342  
300 only                  292180    48.2574  
302                       2         0.0003   
302 only                  2         0.0003   
360                       4         0.0007   
360 only                  2         0.0003   
400                       7         0.0012   
400 only                  7         0.0012   
420                       123       0.0203   
420 only                  111       0.0183   
450                       1         0.0002   
450 only                  1         0.0002   
480                       10        0.0017   
480 only                  10        0.0017   
500                       5         0.0008   
500 only                  5         0.0008   
540                       5         0.0008   
540 only                  5         0.0008   
600                       35813     5.915    
600 only                  35653     5.8886   
700                       1         0.0002   
700 only                  1         0.0002   
720                       4         0.0007   
720 only                  4         0.0007   
840                       2         0.0003   
840 only                  2         0.0003   
900                       1840      0.3039   
900 only                  1823      0.3011   
960                       3         0.0005   
960 only                  3         0.0005   
1000                      1         0.0002   
1000 only                 1         0.0002   
1200                      3710      0.6128   
1200 only                 3707      0.6123   
1210                      1         0.0002   
1210 only                 1         0.0002   
1320                      2         0.0003   
1320 only                 2         0.0003   
1380                      1         0.0002   
1380 only                 1         0.0002   
1440                      2         0.0003   
1440 only                 2         0.0003   
1500                      5         0.0008   
1500 only                 4         0.0007   
1800                      850       0.1404   
1800 only                 839       0.1386   
1980                      2         0.0003   
1980 only                 2         0.0003   
2100                      2         0.0003   
2100 only                 1         0.0002   
2400                      8         0.0013   
2400 only                 8         0.0013   
2700                      13        0.0021   
2700 only                 13        0.0021   
3000                      57        0.0094   
3000 only                 57        0.0094   
3600                      1218      0.2012   
3600 only                 1203      0.1987   
3900                      2         0.0003   
3900 only                 2         0.0003   
4100                      1         0.0002   
4100 only                 1         0.0002   
4200                      1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      15        0.0025   
5400 only                 15        0.0025   
5940                      2         0.0003   
5940 only                 1         0.0002   
6000                      412       0.068    
6000 only                 412       0.068    
7200                      15459     2.5533   
7200 only                 15432     2.5488   
7500                      1         0.0002   
7500 only                 1         0.0002   
8100                      1         0.0002   
8100 only                 1         0.0002   
9000                      3         0.0005   
9000 only                 3         0.0005   
10800                     5550      0.9167   
10800 only                5528      0.913    
14400                     233       0.0385   
14400 only                232       0.0383   
18000                     8         0.0013   
18000 only                8         0.0013   
21600                     4372      0.7221   
21600 only                4371      0.7219   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     3059      0.5052   
28800 only                3059      0.5052   
36000                     1388      0.2292   
36000 only                1380      0.2279   
43200                     67        0.0111   
43200 only                67        0.0111   
54000                     2         0.0003   
54000 only                2         0.0003   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     75846     12.527   
64800 only                75841     12.5261  
72000                     16        0.0026   
72000 only                16        0.0026   
79200                     1         0.0002   
79200 only                1         0.0002   
86400                     3405      0.5624   
86400 only                3397      0.5611   
100000                    1         0.0002   
100000 only               1         0.0002   
100800                    8998      1.4861   
100800 only               8987      1.4843   
108000                    1         0.0002   
108000 only               1         0.0002   
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    7         0.0012   
129600 only               7         0.0012   
172800                    57        0.0094   
172800 only               57        0.0094   
216000                    4         0.0007   
216000 only               3         0.0005   
259200                    1         0.0002   
259200 only               1         0.0002   
432000                    2         0.0003   
432000 only               2         0.0003   
604800                    1         0.0002   
864000                    2         0.0003   
864000 only               2         0.0003   
7776000                   2         0.0003   
7776000 only              2         0.0003   
None                      150587    24.8714  
None only                 147396    24.3444  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      8730      1.4419   
ecdsa-with-SHA256         73301     12.1066  
sha1WithRSAEncryption     14072     2.3242   
sha256WithRSAEncryption   536481    88.6069  
sha384WithRSAEncryption   10        0.0017   
sha512WithRSAEncryption   77        0.0127   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 76480     12.6317  
ECDSA 384                 50        0.0083   
ECDSA 521                 1         0.0002   
RSA 1024                  11        0.0018   
RSA 2048                  515147    85.0833  
RSA 2049                  3         0.0005   
RSA 2056                  2         0.0003   
RSA 2058                  3         0.0005   
RSA 2059                  1         0.0002   
RSA 2080                  7         0.0012   
RSA 2084                  1         0.0002   
RSA 2086                  1         0.0002   
RSA 2096                  2         0.0003   
RSA 2408                  1         0.0002   
RSA 2432                  4         0.0007   
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3072                  169       0.0279   
RSA 3096                  2         0.0003   
RSA 3248                  4         0.0007   
RSA 4048                  1         0.0002   
RSA 4056                  15        0.0025   
RSA 4068                  2         0.0003   
RSA 4069                  1         0.0002   
RSA 4086                  3         0.0005   
RSA 4092                  2         0.0003   
RSA 4094                  1         0.0002   
RSA 4095                  1         0.0002   
RSA 4096                  35089     5.7954   
RSA 4196                  1         0.0002   
RSA 8192                  11        0.0018   
RSA 8392                  1         0.0002   
RSA/ECDSA Dual Stack      21540     3.5576

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 152000    25.1048  
Unsupported               453462    74.8952  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      15007     2.4786
SSL2 Only                 5         0.0008
SSL3                      84197     13.9062
SSL3 Only                 307       0.0507
SSL3 or TLS1 Only         43671     7.2128
SSL3 or lower Only        315       0.052
TLS1                      591302    97.6613
TLS1 Only                 26101     4.3109
TLS1 or lower Only        57666     9.5243
TLS1.1                    538620    88.9602
TLS1.1 Only               40        0.0066
TLS1.1 or up Only         13694     2.2617
TLS1.2                    545921    90.166
TLS1.2 Only               3995      0.6598
TLS1.2, 1.0 but not 1.1   4786      0.7905

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
SSL 3.254                                12675     2.0934
TLS 1.0                                  13295     2.1958
TLS 1.1                                  3793      0.6265
TLS 1.2                                  80        0.0132
TLS 1.3                                  7562      1.249
TLS 1.4                                  7642      1.2622
extensions                               12        0.002
size c#/12                               12        0.002
size c#/129                              818       0.1351
size c#/16316                            6         0.001
size c#/16317                            5         0.0008
size c#/1957                             11        0.0018
size c#/1958                             11        0.0018
size c#/1959                             21        0.0035
size c#/1960                             34        0.0056
size c#/1961                             27        0.0045
size c#/1962                             63        0.0104
size c#/1963                             68        0.0112
size c#/1964                             62        0.0102
size c#/1965                             42        0.0069
size c#/1966                             17        0.0028
size c#/1967                             13        0.0021
size c#/1969                             7         0.0012
size c#/1970                             6         0.001
size c#/1971                             27        0.0045
size c#/1972                             39        0.0064
size c#/1973                             42        0.0069
size c#/1974                             43        0.0071
size c#/1975                             51        0.0084
size c#/1976                             54        0.0089
size c#/1977                             33        0.0055
size c#/1978                             18        0.003
size c#/1987                             63        0.0104
size c#/20                               13        0.0021
size c#/201                              30        0.005
size c#/22                               117       0.0193
size c#/24507                            8         0.0013
size c#/24508                            5         0.0008
size c#/257                              278       0.0459
size c#/31680                            11        0.0018
size c#/32685                            9         0.0015
size c#/32687                            6         0.001
size c#/32692                            5         0.0008
size c#/32693                            8         0.0013
size c#/32694                            14        0.0023
size c#/32695                            11        0.0018
size c#/32696                            27        0.0045
size c#/32697                            63        0.0104
size c#/32698                            23        0.0038
size c#/32699                            14        0.0023
size c#/32700                            18        0.003
size c#/32701                            10        0.0017
size c#/32702                            15        0.0025
size c#/32709                            206       0.034
size c#/4035                             11        0.0018
size c#/4310                             7         0.0012
size c#/4317                             30        0.005
size c#/501                              88        0.0145
size c#/5039                             8         0.0013
size c#/5042                             6         0.001
size c#/5045                             8         0.0013
size c#/5046                             16        0.0026
size c#/5047                             22        0.0036
size c#/5048                             36        0.0059
size c#/5049                             47        0.0078
size c#/5050                             70        0.0116
size c#/5051                             70        0.0116
size c#/5052                             107       0.0177
size c#/5053                             69        0.0114
size c#/5054                             43        0.0071
size c#/5055                             36        0.0059
size c#/5062                             1595      0.2634
size c#/5063                             150       0.0248
size c#/5751                             196       0.0324
size c#/6076                             7         0.0012
size c#/6077                             11        0.0018
size c#/6085                             5         0.0008
size c#/612                              134       0.0221
size c#/619                              6         0.001
size c#/6518                             5         0.0008
size c#/652                              6         0.001
size c#/7104                             10        0.0017
size c#/7105                             152       0.0251
size c#/7106                             17        0.0028
size c#/7107                             5027      0.8303
size c#/8092                             10        0.0017
size c#/8094                             26        0.0043
size c#/8095                             10        0.0017
size c#/8098                             9         0.0015
size c#/8099                             13        0.0021
size c#/8100                             33        0.0055
size c#/8101                             46        0.0076
size c#/8102                             119       0.0197
size c#/8103                             206       0.034
size c#/8104                             361       0.0596
size c#/8105                             671       0.1108
size c#/8106                             1180      0.1949
size c#/8107                             2014      0.3326
size c#/8108                             3154      0.5209
size c#/8109                             4426      0.731
size c#/8110                             6277      1.0367
size c#/8111                             7653      1.264
size c#/8112                             9400      1.5525
size c#/8113                             9006      1.4875
size c#/8114                             7622      1.2589
size c#/8115                             4097      0.6767
size c#/8116                             2883      0.4762
size c#/8117                             3280      0.5417
size c#/8118                             5481      0.9053
size c#/8119                             8364      1.3814
size c#/8120                             12758     2.1072
size c#/8121                             18287     3.0203
size c#/8122                             25356     4.1879
size c#/8123                             31328     5.1742
size c#/8124                             39585     6.538
size c#/8125                             30235     4.9937
size c#/8126                             22472     3.7115
size c#/8127                             7357      1.2151
size c#/8128                             1600      0.2643
size c#/8129                             37        0.0061
size c#/8130                             35        0.0058
size c#/8131                             39        0.0064
size c#/8132                             35        0.0058
size c#/8133                             1678      0.2771
size c#/8134                             61        0.0101
size c#/8135                             42812     7.071
size c#/8138                             2248      0.3713
size c#/8150                             19        0.0031
size c#/8170                             10        0.0017
size c#/8171                             14        0.0023
size c#/8172                             5         0.0008
size c#/8173                             83        0.0137
size c#/8249                             5         0.0008
size c#/8250                             6         0.001
size c#/951                              6         0.001
size c#/952                              9         0.0015
size c#/953                              13        0.0021
size c#/954                              9         0.0015
size c#/955                              13        0.0021
size c#/956                              18        0.003
size c#/957                              18        0.003
size c#/965                              11        0.0018
size c/1000                              10        0.0017
size c/1001                              15        0.0025
size c/10096                             11        0.0018
size c/10245                             921       0.1521
size c/10245 c#/5046                     8         0.0013
size c/10245 c#/5047                     14        0.0023
size c/10245 c#/5048                     18        0.003
size c/10245 c#/5049                     22        0.0036
size c/10245 c#/5050                     40        0.0066
size c/10245 c#/5051                     38        0.0063
size c/10245 c#/5052                     39        0.0064
size c/10245 c#/5053                     33        0.0055
size c/10245 c#/5054                     17        0.0028
size c/10245 c#/5055                     13        0.0021
size c/10245 c#/5063                     150       0.0248
size c/10246                             4337      0.7163
size c/10246 c#/4035                     10        0.0017
size c/10246 c#/5042                     5         0.0008
size c/10246 c#/5046                     8         0.0013
size c/10246 c#/5047                     8         0.0013
size c/10246 c#/5048                     17        0.0028
size c/10246 c#/5049                     25        0.0041
size c/10246 c#/5050                     30        0.005
size c/10246 c#/5051                     32        0.0053
size c/10246 c#/5052                     67        0.0111
size c/10246 c#/5053                     36        0.0059
size c/10246 c#/5054                     26        0.0043
size c/10246 c#/5055                     22        0.0036
size c/10246 c#/5062                     1595      0.2634
size c/10339                             6         0.001
size c/10655                             7         0.0012
size c/11074                             6         0.001
size c/11075                             5         0.0008
size c/1121                              10        0.0017
size c/1121 c#/501                       10        0.0017
size c/1135                              68        0.0112
size c/1135 c#/501                       22        0.0036
size c/1141                              6         0.001
size c/1142                              32        0.0053
size c/1142 c#/501                       8         0.0013
size c/1143                              34        0.0056
size c/1143 c#/501                       6         0.001
size c/1144                              22        0.0036
size c/1145                              13        0.0021
size c/1152                              5         0.0008
size c/1152 c#/501                       5         0.0008
size c/1161                              6         0.001
size c/11635                             275       0.0454
size c/11635 c#/5751                     196       0.0324
size c/12288                             26        0.0043
size c/12288 c#/6077                     5         0.0008
size c/12289                             40        0.0066
size c/12289 c#/6077                     6         0.001
size c/12289 c#/6085                     5         0.0008
size c/13169                             7         0.0012
size c/13169 c#/6518                     5         0.0008
size c/133                               26        0.0043
size c/133 c#/22                         24        0.004
size c/1345                              8         0.0013
size c/1356                              17        0.0028
size c/1357                              461       0.0761
size c/1357 c#/612                       134       0.0221
size c/1357 c#/619                       6         0.001
size c/13596                             5         0.0008
size c/13597                             5         0.0008
size c/1437                              5         0.0008
size c/1457                              11        0.0018
size c/1522                              7         0.0012
size c/15368                             10        0.0017
size c/15369                             5         0.0008
size c/154                               15        0.0025
size c/155                               47        0.0078
size c/156                               134       0.0221
size c/157                               27        0.0045
size c/16129                             5         0.0008
size c/162                               5         0.0008
size c/16254                             7         0.0012
size c/16289                             7         0.0012
size c/16317                             9         0.0015
size c/16317 c#/8092                     8         0.0013
size c/16318                             6         0.001
size c/16353                             67        0.0111
size c/16353 c#/8107                     5         0.0008
size c/16353 c#/8110                     28        0.0046
size c/16353 c#/8117                     9         0.0015
size c/16354                             19        0.0031
size c/16366                             5         0.0008
size c/16376                             51        0.0084
size c/16376 c#/8111                     5         0.0008
size c/16376 c#/8112                     5         0.0008
size c/16376 c#/8113                     5         0.0008
size c/16376 c#/8114                     8         0.0013
size c/16376 c#/8116                     7         0.0012
size c/16376 c#/8117                     6         0.001
size c/16377                             43        0.0071
size c/16377 c#/8114                     6         0.001
size c/16377 c#/8117                     5         0.0008
size c/16377 c#/8118                     5         0.0008
size c/16380                             10        0.0017
size c/16381                             15        0.0025
size c/16382                             148       0.0244
size c/16382 c#/8119                     7         0.0012
size c/16382 c#/8120                     11        0.0018
size c/16382 c#/8121                     9         0.0015
size c/16383                             138       0.0228
size c/16383 c#/8119                     7         0.0012
size c/16383 c#/8120                     7         0.0012
size c/16383 c#/8121                     9         0.0015
size c/16383 c#/8122                     6         0.001
size c/16383 c#/8132                     11        0.0018
size c/16384                             89        0.0147
size c/16384 c#/7104                     9         0.0015
size c/16384 c#/8122                     6         0.001
size c/16384 c#/8123                     6         0.001
size c/16385                             18751     3.097
size c/16385 c#/8102                     8         0.0013
size c/16385 c#/8103                     18        0.003
size c/16385 c#/8104                     19        0.0031
size c/16385 c#/8105                     34        0.0056
size c/16385 c#/8106                     55        0.0091
size c/16385 c#/8107                     99        0.0164
size c/16385 c#/8108                     148       0.0244
size c/16385 c#/8109                     196       0.0324
size c/16385 c#/8110                     209       0.0345
size c/16385 c#/8111                     260       0.0429
size c/16385 c#/8112                     256       0.0423
size c/16385 c#/8113                     185       0.0306
size c/16385 c#/8114                     163       0.0269
size c/16385 c#/8115                     125       0.0206
size c/16385 c#/8116                     124       0.0205
size c/16385 c#/8117                     176       0.0291
size c/16385 c#/8118                     284       0.0469
size c/16385 c#/8119                     376       0.0621
size c/16385 c#/8120                     517       0.0854
size c/16385 c#/8121                     555       0.0917
size c/16385 c#/8122                     567       0.0936
size c/16385 c#/8123                     510       0.0842
size c/16385 c#/8124                     274       0.0453
size c/16385 c#/8125                     120       0.0198
size c/16385 c#/8126                     2989      0.4937
size c/16385 c#/8133                     1653      0.273
size c/16385 c#/8171                     14        0.0023
size c/16386                             13125     2.1678
size c/16386 c#/7105                     152       0.0251
size c/16386 c#/8102                     9         0.0015
size c/16386 c#/8103                     5         0.0008
size c/16386 c#/8104                     20        0.0033
size c/16386 c#/8105                     37        0.0061
size c/16386 c#/8106                     73        0.0121
size c/16386 c#/8107                     101       0.0167
size c/16386 c#/8108                     150       0.0248
size c/16386 c#/8109                     177       0.0292
size c/16386 c#/8110                     222       0.0367
size c/16386 c#/8111                     242       0.04
size c/16386 c#/8112                     252       0.0416
size c/16386 c#/8113                     234       0.0386
size c/16386 c#/8114                     170       0.0281
size c/16386 c#/8115                     126       0.0208
size c/16386 c#/8116                     112       0.0185
size c/16386 c#/8117                     159       0.0263
size c/16386 c#/8118                     265       0.0438
size c/16386 c#/8119                     336       0.0555
size c/16386 c#/8120                     430       0.071
size c/16386 c#/8121                     518       0.0856
size c/16386 c#/8122                     839       0.1386
size c/16386 c#/8123                     512       0.0846
size c/16386 c#/8124                     731       0.1207
size c/16386 c#/8125                     196       0.0324
size c/16386 c#/8126                     62        0.0102
size c/16387                             227       0.0375
size c/16387 c#/8110                     5         0.0008
size c/16387 c#/8113                     6         0.001
size c/16387 c#/8119                     7         0.0012
size c/16387 c#/8120                     7         0.0012
size c/16387 c#/8121                     11        0.0018
size c/16387 c#/8122                     14        0.0023
size c/16387 c#/8123                     13        0.0021
size c/16387 c#/8124                     9         0.0015
size c/16387 c#/8125                     8         0.0013
size c/16387 c#/8127                     10        0.0017
size c/16387 c#/8134                     21        0.0035
size c/16387 c#/8172                     5         0.0008
size c/16388                             298       0.0492
size c/16388 c#/7106                     16        0.0026
size c/16388 c#/8110                     5         0.0008
size c/16388 c#/8111                     5         0.0008
size c/16388 c#/8112                     8         0.0013
size c/16388 c#/8113                     7         0.0012
size c/16388 c#/8120                     5         0.0008
size c/16388 c#/8121                     10        0.0017
size c/16388 c#/8122                     22        0.0036
size c/16388 c#/8123                     25        0.0041
size c/16388 c#/8124                     13        0.0021
size c/16388 c#/8125                     10        0.0017
size c/16389                             268155    44.2893
size c/16389 c#/8094                     23        0.0038
size c/16389 c#/8098                     6         0.001
size c/16389 c#/8100                     15        0.0025
size c/16389 c#/8101                     20        0.0033
size c/16389 c#/8102                     55        0.0091
size c/16389 c#/8103                     111       0.0183
size c/16389 c#/8104                     182       0.0301
size c/16389 c#/8105                     358       0.0591
size c/16389 c#/8106                     630       0.1041
size c/16389 c#/8107                     974       0.1609
size c/16389 c#/8108                     1595      0.2634
size c/16389 c#/8109                     2203      0.3639
size c/16389 c#/8110                     3083      0.5092
size c/16389 c#/8111                     3725      0.6152
size c/16389 c#/8112                     4605      0.7606
size c/16389 c#/8113                     4296      0.7095
size c/16389 c#/8114                     3315      0.5475
size c/16389 c#/8115                     1545      0.2552
size c/16389 c#/8116                     1299      0.2145
size c/16389 c#/8117                     1571      0.2595
size c/16389 c#/8118                     2697      0.4454
size c/16389 c#/8119                     4278      0.7066
size c/16389 c#/8120                     6571      1.0853
size c/16389 c#/8121                     9394      1.5515
size c/16389 c#/8122                     12718     2.1005
size c/16389 c#/8123                     15877     2.6223
size c/16389 c#/8124                     16691     2.7567
size c/16389 c#/8125                     14032     2.3176
size c/16389 c#/8126                     7852      1.2969
size c/16389 c#/8127                     2624      0.4334
size c/16389 c#/8128                     268       0.0443
size c/16389 c#/8135                     42808     7.0703
size c/16389 c#/8150                     19        0.0031
size c/16389 c#/8170                     9         0.0015
size c/16389 c#/8173                     83        0.0137
size c/16390                             238986    39.4717
size c/16390 c#/7107                     5027      0.8303
size c/16390 c#/8095                     7         0.0012
size c/16390 c#/8099                     7         0.0012
size c/16390 c#/8100                     15        0.0025
size c/16390 c#/8101                     19        0.0031
size c/16390 c#/8102                     45        0.0074
size c/16390 c#/8103                     67        0.0111
size c/16390 c#/8104                     131       0.0216
size c/16390 c#/8105                     232       0.0383
size c/16390 c#/8106                     411       0.0679
size c/16390 c#/8107                     829       0.1369
size c/16390 c#/8108                     1242      0.2051
size c/16390 c#/8109                     1837      0.3034
size c/16390 c#/8110                     2719      0.4491
size c/16390 c#/8111                     3407      0.5627
size c/16390 c#/8112                     4262      0.7039
size c/16390 c#/8113                     4265      0.7044
size c/16390 c#/8114                     3954      0.6531
size c/16390 c#/8115                     2291      0.3784
size c/16390 c#/8116                     1326      0.219
size c/16390 c#/8117                     1340      0.2213
size c/16390 c#/8118                     2205      0.3642
size c/16390 c#/8119                     3319      0.5482
size c/16390 c#/8120                     5189      0.857
size c/16390 c#/8121                     7762      1.282
size c/16390 c#/8122                     11166     1.8442
size c/16390 c#/8123                     14359     2.3716
size c/16390 c#/8124                     21849     3.6086
size c/16390 c#/8125                     15844     2.6168
size c/16390 c#/8126                     11553     1.9081
size c/16390 c#/8127                     4704      0.7769
size c/16390 c#/8128                     1306      0.2157
size c/16390 c#/8129                     6         0.001
size c/16390 c#/8134                     33        0.0055
size c/16393                             18        0.003
size c/16393 c#/8130                     7         0.0012
size c/16394                             5         0.0008
size c/16403                             88        0.0145
size c/16403 c#/8125                     5         0.0008
size c/16403 c#/8127                     11        0.0018
size c/16403 c#/8128                     12        0.002
size c/16403 c#/8129                     14        0.0023
size c/16403 c#/8130                     8         0.0013
size c/16403 c#/8131                     13        0.0021
size c/16403 c#/8132                     7         0.0012
size c/16403 c#/8133                     8         0.0013
size c/16404                             113       0.0187
size c/16404 c#/8127                     6         0.001
size c/16404 c#/8128                     13        0.0021
size c/16404 c#/8129                     16        0.0026
size c/16404 c#/8130                     18        0.003
size c/16404 c#/8131                     19        0.0031
size c/16404 c#/8132                     11        0.0018
size c/16404 c#/8133                     15        0.0025
size c/16404 c#/8134                     5         0.0008
size c/16408                             58        0.0096
size c/16408 c#/8118                     5         0.0008
size c/16408 c#/8119                     7         0.0012
size c/16408 c#/8120                     8         0.0013
size c/16408 c#/8121                     9         0.0015
size c/16408 c#/8122                     6         0.001
size c/16408 c#/8123                     10        0.0017
size c/16409                             2323      0.3837
size c/16409 c#/8118                     5         0.0008
size c/16409 c#/8119                     14        0.0023
size c/16409 c#/8121                     5         0.0008
size c/16409 c#/8122                     8         0.0013
size c/16409 c#/8123                     10        0.0017
size c/16409 c#/8124                     11        0.0018
size c/16409 c#/8125                     11        0.0018
size c/16409 c#/8138                     2248      0.3713
size c/16645                             8         0.0013
size c/16646                             17        0.0028
size c/177                               6         0.001
size c/181                               5         0.0008
size c/182                               8         0.0013
size c/1977                              5         0.0008
size c/202                               12        0.002
size c/2049                              103       0.017
size c/2049 c#/951                       6         0.001
size c/2049 c#/953                       9         0.0015
size c/2049 c#/955                       9         0.0015
size c/2049 c#/956                       11        0.0018
size c/2049 c#/965                       11        0.0018
size c/2050                              69        0.0114
size c/2050 c#/952                       5         0.0008
size c/2050 c#/954                       5         0.0008
size c/2050 c#/956                       7         0.0012
size c/2050 c#/957                       16        0.0026
size c/21849                             5         0.0008
size c/2784                              8         0.0013
size c/32773                             12        0.002
size c/32774                             13        0.0021
size c/377                               145       0.0239
size c/377 c#/129                        145       0.0239
size c/393                               17        0.0028
size c/393 c#/129                        17        0.0028
size c/394                               17        0.0028
size c/394 c#/129                        17        0.0028
size c/395                               20        0.0033
size c/395 c#/129                        19        0.0031
size c/396                               45        0.0074
size c/396 c#/129                        36        0.0059
size c/397                               94        0.0155
size c/397 c#/129                        35        0.0058
size c/398                               343       0.0567
size c/398 c#/129                        62        0.0102
size c/399                               346       0.0571
size c/399 c#/129                        55        0.0091
size c/400                               284       0.0469
size c/400 c#/129                        60        0.0099
size c/401                               117       0.0193
size c/401 c#/129                        64        0.0106
size c/402                               63        0.0104
size c/402 c#/129                        63        0.0104
size c/403                               47        0.0078
size c/403 c#/129                        47        0.0078
size c/404                               32        0.0053
size c/404 c#/129                        32        0.0053
size c/405                               26        0.0043
size c/405 c#/129                        26        0.0043
size c/406                               20        0.0033
size c/406 c#/129                        19        0.0031
size c/407                               30        0.005
size c/407 c#/129                        30        0.005
size c/4077                              21        0.0035
size c/4077 c#/1972                      6         0.001
size c/408                               24        0.004
size c/408 c#/129                        24        0.004
size c/409                               12        0.002
size c/409 c#/129                        12        0.002
size c/4091                              33        0.0055
size c/4092                              524       0.0865
size c/4092 c#/1957                      5         0.0008
size c/4092 c#/1958                      8         0.0013
size c/4092 c#/1959                      9         0.0015
size c/4092 c#/1960                      16        0.0026
size c/4092 c#/1961                      12        0.002
size c/4092 c#/1962                      36        0.0059
size c/4092 c#/1963                      32        0.0053
size c/4092 c#/1964                      32        0.0053
size c/4092 c#/1965                      17        0.0028
size c/4092 c#/1966                      5         0.0008
size c/4092 c#/1969                      5         0.0008
size c/4092 c#/1971                      19        0.0031
size c/4092 c#/1972                      16        0.0026
size c/4092 c#/1973                      20        0.0033
size c/4092 c#/1974                      26        0.0043
size c/4092 c#/1975                      23        0.0038
size c/4092 c#/1976                      30        0.005
size c/4092 c#/1977                      13        0.0021
size c/4092 c#/1978                      9         0.0015
size c/4093                              482       0.0796
size c/4093 c#/1957                      6         0.001
size c/4093 c#/1959                      12        0.002
size c/4093 c#/1960                      18        0.003
size c/4093 c#/1961                      15        0.0025
size c/4093 c#/1962                      27        0.0045
size c/4093 c#/1963                      36        0.0059
size c/4093 c#/1964                      30        0.005
size c/4093 c#/1965                      25        0.0041
size c/4093 c#/1966                      12        0.002
size c/4093 c#/1967                      9         0.0015
size c/4093 c#/1971                      8         0.0013
size c/4093 c#/1972                      17        0.0028
size c/4093 c#/1973                      21        0.0035
size c/4093 c#/1974                      17        0.0028
size c/4093 c#/1975                      28        0.0046
size c/4093 c#/1976                      23        0.0038
size c/4093 c#/1977                      20        0.0033
size c/4093 c#/1978                      8         0.0013
size c/4093 c#/1987                      63        0.0104
size c/410                               13        0.0021
size c/410 c#/129                        13        0.0021
size c/411                               8         0.0013
size c/411 c#/129                        7         0.0012
size c/412                               9         0.0015
size c/412 c#/129                        9         0.0015
size c/413                               9         0.0015
size c/413 c#/129                        9         0.0015
size c/415                               5         0.0008
size c/415 c#/129                        5         0.0008
size c/49153                             12        0.002
size c/49153 c#/24508                    5         0.0008
size c/49154                             10        0.0017
size c/49154 c#/24507                    5         0.0008
size c/540                               8         0.0013
size c/540 c#/201                        8         0.0013
size c/561                               9         0.0015
size c/562                               13        0.0021
size c/563                               22        0.0036
size c/564                               12        0.002
size c/567                               5         0.0008
size c/633                               6         0.001
size c/633 c#/257                        6         0.001
size c/647                               16        0.0026
size c/6496                              5         0.0008
size c/6497                              5         0.0008
size c/652                               44        0.0073
size c/652 c#/257                        44        0.0073
size c/654                               12        0.002
size c/655                               13        0.0021
size c/65536                             1023      0.169
size c/65536 c#/31680                    11        0.0018
size c/65536 c#/32685                    6         0.001
size c/65536 c#/32694                    8         0.0013
size c/65536 c#/32695                    5         0.0008
size c/65536 c#/32696                    11        0.0018
size c/65536 c#/32697                    50        0.0083
size c/65536 c#/32698                    11        0.0018
size c/65536 c#/32699                    8         0.0013
size c/65536 c#/32700                    10        0.0017
size c/65537                             1299      0.2145
size c/65537 c#/32694                    6         0.001
size c/65537 c#/32695                    6         0.001
size c/65537 c#/32696                    16        0.0026
size c/65537 c#/32697                    12        0.002
size c/65537 c#/32698                    12        0.002
size c/65537 c#/32699                    6         0.001
size c/65537 c#/32700                    8         0.0013
size c/65537 c#/32701                    7         0.0012
size c/65537 c#/32702                    15        0.0025
size c/65537 c#/32709                    206       0.034
size c/656                               21        0.0035
size c/656 c#/257                        5         0.0008
size c/667                               8         0.0013
size c/667 c#/257                        8         0.0013
size c/668                               10        0.0017
size c/668 c#/257                        10        0.0017
size c/669                               15        0.0025
size c/669 c#/257                        15        0.0025
size c/67                                5         0.0008
size c/670                               10        0.0017
size c/670 c#/257                        10        0.0017
size c/671                               24        0.004
size c/671 c#/257                        16        0.0026
size c/672                               32        0.0053
size c/672 c#/257                        12        0.002
size c/673                               81        0.0134
size c/673 c#/257                        18        0.003
size c/674                               125       0.0206
size c/674 c#/257                        20        0.0033
size c/675                               112       0.0185
size c/675 c#/257                        18        0.003
size c/676                               39        0.0064
size c/676 c#/257                        8         0.0013
size c/677                               20        0.0033
size c/677 c#/257                        12        0.002
size c/678                               22        0.0036
size c/678 c#/257                        10        0.0017
size c/679                               23        0.0038
size c/679 c#/257                        10        0.0017
size c/680                               30        0.005
size c/680 c#/257                        12        0.002
size c/683                               5         0.0008
size c/683 c#/257                        5         0.0008
size c/685                               6         0.001
size c/685 c#/257                        5         0.0008
size c/687                               5         0.0008
size c/73                                42        0.0069
size c/8281                              6         0.001
size c/87                                89        0.0147
size c/87 c#/22                          28        0.0046
size c/8753                              8         0.0013
size c/8753 c#/4310                      7         0.0012
size c/8767                              30        0.005
size c/8767 c#/4317                      30        0.005
size c/9435                              5         0.0008
size e/10245                             1354      0.2236
size e/10245 c/10245                     235       0.0388
size e/10245 c/10246                     1112      0.1837
size e/10654                             5         0.0008
size e/10654 c/10655                     5         0.0008
size e/11634                             18        0.003
size e/11634 c/11635                     18        0.003
size e/12288                             11        0.0018
size e/12288 c/12288                     6         0.001
size e/12288 c/12289                     5         0.0008
size e/12333                             5         0.0008
size e/1356                              163       0.0269
size e/1356 c/1356                       6         0.001
size e/1356 c/1357                       152       0.0251
size e/14358                             6         0.001
size e/15370                             6         0.001
size e/15370 c/398                       5         0.0008
size e/16128                             5         0.0008
size e/16289                             5         0.0008
size e/16351                             143       0.0236
size e/16351 c/397                       10        0.0017
size e/16351 c/398                       27        0.0045
size e/16351 c/399                       47        0.0078
size e/16351 c/400                       44        0.0073
size e/16351 c/401                       12        0.002
size e/16353                             8         0.0013
size e/16380                             8         0.0013
size e/16382                             118       0.0195
size e/16382 c/16382                     60        0.0099
size e/16382 c/16383                     20        0.0033
size e/16382 c/16389                     13        0.0021
size e/16382 c/16390                     14        0.0023
size e/16383                             12        0.002
size e/16384                             37        0.0061
size e/16384 c/16385                     24        0.004
size e/16385                             7248      1.1971
size e/16385 c/16384                     5         0.0008
size e/16385 c/16385                     4271      0.7054
size e/16385 c/16386                     2804      0.4631
size e/16385 c/16388                     7         0.0012
size e/16385 c/16389                     8         0.0013
size e/16385 c/16390                     9         0.0015
size e/16385 c/398                       7         0.0012
size e/16385 c/399                       23        0.0038
size e/16385 c/400                       16        0.0026
size e/16385 c/401                       7         0.0012
size e/16385 c/656                       7         0.0012
size e/16385 c/673                       7         0.0012
size e/16385 c/674                       15        0.0025
size e/16385 c/675                       9         0.0015
size e/16386                             14        0.0023
size e/16386 c/16390                     6         0.001
size e/16387                             75        0.0124
size e/16387 c/16385                     5         0.0008
size e/16387 c/16386                     9         0.0015
size e/16387 c/16388                     6         0.001
size e/16387 c/16389                     27        0.0045
size e/16387 c/16390                     23        0.0038
size e/16388                             100       0.0165
size e/16388 c/16385                     6         0.001
size e/16388 c/16386                     10        0.0017
size e/16388 c/16388                     20        0.0033
size e/16388 c/16389                     30        0.005
size e/16388 c/16390                     26        0.0043
size e/16389                             78228     12.9204
size e/16389 c/1142                      10        0.0017
size e/16389 c/1143                      6         0.001
size e/16389 c/1144                      9         0.0015
size e/16389 c/16382                     14        0.0023
size e/16389 c/16383                     27        0.0045
size e/16389 c/16386                     29        0.0048
size e/16389 c/16387                     30        0.005
size e/16389 c/16388                     26        0.0043
size e/16389 c/16389                     38153     6.3015
size e/16389 c/16390                     39774     6.5692
size e/16389 c/672                       6         0.001
size e/16389 c/673                       16        0.0026
size e/16389 c/674                       32        0.0053
size e/16389 c/675                       17        0.0028
size e/16389 c/676                       8         0.0013
size e/16389 c/680                       6         0.001
size e/16392                             5         0.0008
size e/181                               5         0.0008
size e/182                               22        0.0036
size e/182 c/398                         19        0.0031
size e/183                               7         0.0012
size e/184                               11        0.0018
size e/184 c/400                         5         0.0008
size e/2049                              38        0.0063
size e/2049 c/2049                       20        0.0033
size e/2049 c/2050                       15        0.0025
size e/2053                              28        0.0046
size e/2053 c/562                        5         0.0008
size e/2053 c/563                        10        0.0017
size e/2053 c/564                        9         0.0015
size e/2207                              5         0.0008
size e/3221                              7         0.0012
size e/3470                              10        0.0017
size e/3471                              7         0.0012
size e/3726                              8         0.0013
size e/4076                              11        0.0018
size e/4076 c/4077                       9         0.0015
size e/4091                              33        0.0055
size e/4091 c/4091                       16        0.0026
size e/4091 c/4092                       17        0.0028
size e/4092                              77        0.0127
size e/4092 c/4092                       41        0.0068
size e/4092 c/4093                       35        0.0058
size e/65536                             930       0.1536
size e/65536 c/65536                     432       0.0714
size e/65536 c/65537                     480       0.0793
size e/663                               8         0.0013
size e/663 c/154                         8         0.0013
size e/664                               23        0.0038
size e/664 c/155                         23        0.0038
size e/665                               57        0.0094
size e/665 c/156                         48        0.0079
size e/665 c/157                         9         0.0015
size e/75                                41        0.0068
size e/75 c/73                           41        0.0068
size e/8156                              5         0.0008
size e/8282                              7         0.0012
size e/8283                              17        0.0028
size e/8283 c/398                        9         0.0015
x:missing information                    312       0.0515



Statistics from 345853 chains provided by 733230 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  321690    43.873
incomplete                13637     1.8599
untrusted                 397903    54.2671

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0003
3                         342016    98.8906
4                         3826      1.1063
5                         10        0.0029

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 994       
ECDSA 384                 992       
RSA 1024                  2         
RSA 2045                  2         
RSA 2048                  559292    
RSA 4096                  134269    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 994       0.2874
ECDSA 384                 992       0.2868
RSA 1024                  2         0.0006
RSA 2045                  2         0.0006
RSA 2048                  344498    99.6082
RSA 4096                  133708    38.6604

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              983       
sha1WithRSAEncryption          4319      
sha256WithRSAEncryption        224373    
sha384WithRSAEncryption        119959    
sha512WithRSAEncryption        64        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        4274      1.2358
112                       340564    98.4707
128                       1015      0.2935

Most common root CAs                          Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 106139    30.689
(2c543cd1) GeoTrust Global CA                 56165     16.2396
(cbf06781) Go Daddy Root Certificate Authorit 32653     9.4413
(5ad8a5d6) GlobalSign Root CA                 24999     7.2282
(244b5494) DigiCert High Assurance EV Root CA 16519     4.7763
(b204d74a) VeriSign Class 3 Public Primary Ce 15764     4.558
(fc5a8f99) USERTrust RSA Certification Author 13736     3.9716
(2e4eed3c) thawte Primary Root CA             10647     3.0785
(653b494a) Baltimore CyberTrust Root          8279      2.3938
(3513523f) DigiCert Global Root CA            8112      2.3455
(4bfab552) Starfield Root Certificate Authori 8095      2.3406
(ae8153b9) StartCom Certification Authority   5419      1.5669
(e2799e36) GeoTrust Primary Certification Aut 5190      1.5006
(480720ec) GeoTrust Primary Certification Aut 4051      1.1713

Most common intermediate CA                   Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 72895     21.0769
(27eb7704) Go Daddy Secure Certificate Author 32653     9.4413
(53f3e569) RapidSSL SHA256 CA - G3            23158     6.6959
(1400f578) cPanel, Inc. Certification Authori 19966     5.773
(80ecc636) RapidSSL SHA256 CA                 14853     4.2946
(38ae8eda) DigiCert SHA2 High Assurance Serve 13712     3.9647
(7d9c641e) Symantec Class 3 Secure Server CA  10524     3.0429
(10310d4b) GeoTrust SSL CA - G3               10160     2.9377
(16744f0c) AlphaSSL CA - SHA256 - G2          10093     2.9183
(c43a77d9) COMODO RSA Organization Validation 9144      2.6439
(85cf5865) DigiCert SHA2 Secure Server CA     8104      2.3432
(cd7781e5) Starfield Secure Certificate Autho 8095      2.3406
(d7d634d4) GlobalSign Domain Validation CA -  7259      2.0989
(3d97f5e2) Verizon Akamai SureServer CA G14-S 6396      1.8493
(fd917e82) SecureCore RSA DV CA               6157      1.7802
(9ad474ec) thawte SSL CA - G2                 5683      1.6432
(a0f7ac3e) Symantec Class 3 EV SSL CA - G3    4780      1.3821
(b85455c4) GlobalSign Organization Validation 4617      1.335
(b71a5f76) GeoTrust EV SSL CA - G4            4051      1.1713
(98d7cad7) GeoTrust DV SSL CA - G3            3804      1.0999
(b155520b) GlobalSign CloudSSL CA - SHA256 -  3507      1.014

Scan performed between 28th of August and 27th of September 2016.

July 2016 scan results

This month the scan has a bit more information.

I’ve added special probes to detect whether the server is intolerant to specific types of Client Hello messages.

While support for TLSv1.2 is still not universal (being just under 90%), tolerance to Client Hello messages advertising support for TLSv1.2 is essentially full, with just 67 servers being detected as intolerant to such messages.

Support for more uncommon messages is much worse though, clients sending their maximum supported version set to TLSv1.2 can expect 1.3% of servers rejecting their connections. Higher protocol versions like TLSv1.4 have a rate of rejection on around 2.45%, for very high protocol versions it rises to 3.295% for SSL 3.254 (that would be TLSv1.253).

Clients sending Client Hello with a lot of options or extensions can expect even more intolerance. Sending multiple key shares (from TLSv1.3 draft), most of defined extensions and couple hundred ciphersuites can expect their connections rejected by over 7% of servers. In general intolerance for very big Client Hello messages, like 16KiB and 24KiB large, is respectively at 23.7% and a whopping 89.5%!

If fixing this will follow similar deployment rates as TLSv1.2 or RC4 deprecation, it doesn’t look like we will be able to deploy most Post Quantum key exchanges any time soon…

Besides that, there were no major changes, just continuation of long established trends, so I won’t be doing full analysis for this month too.

SSL/TLS survey of 603391 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      532905    88.3184
3DES Only                 550       0.0912
3DES Preferred            1719      0.2849
3DES forced in TLS1.1+    992       0.1644
AES                       599329    99.3268
AES Only                  46610     7.7247
AES-CBC                   598756    99.2318
AES-CBC Only              4850      0.8038
AES-GCM                   509780    84.4858
AES-GCM Only              526       0.0872
CAMELLIA                  267705    44.3668
CAMELLIA Only             1         0.0002
CHACHA20                  83982     13.9183
CHACHA20 Only             3         0.0005
Insecure                  53186     8.8145
RC4                       153525    25.4437
RC4 Only                  140       0.0232
RC4 Preferred             12783     2.1185
RC4 forced in TLS1.1+     6911      1.1454
x:FF 29 3DES Only         597       0.0989
x:FF 29 3DES Preferred    2030      0.3364
x:FF 29 RC4 Only          193       0.032
x:FF 29 RC4 Preferred     14404     2.3872
x:FF 29 incompatible      530       0.0878
x:FF 35 3DES Only         605       0.1003
x:FF 35 3DES Preferred    1956      0.3242
x:FF 35 RC4 Only          218       0.0361
x:FF 35 RC4 Preferred     14418     2.3895
x:FF 35 incompatible      532       0.0882
x:FF 44 3DES Only         3874      0.642
x:FF 44 3DES Preferred    7464      1.237
x:FF 44 incompatible      750       0.1243
y:DHE-RSA-SEED-SHA        79084     13.1066
y:IDEA-CBC-SHA            75906     12.5799
y:SEED-SHA                90103     14.9328
z:ADH-AES128-GCM-SHA256   428       0.0709
z:ADH-AES128-SHA          715       0.1185
z:ADH-AES128-SHA256       281       0.0466
z:ADH-AES256-GCM-SHA384   442       0.0733
z:ADH-AES256-SHA          759       0.1258
z:ADH-AES256-SHA256       284       0.0471
z:ADH-CAMELLIA128-SHA     368       0.061
z:ADH-CAMELLIA128-SHA256  1         0.0002
z:ADH-CAMELLIA256-SHA     393       0.0651
z:ADH-CAMELLIA256-SHA256  1         0.0002
z:ADH-DES-CBC-SHA         279       0.0462
z:ADH-DES-CBC3-SHA        720       0.1193
z:ADH-RC4-MD5             517       0.0857
z:ADH-SEED-SHA            298       0.0494
z:AECDH-AES128-SHA        9498      1.5741
z:AECDH-AES256-SHA        9566      1.5854
z:AECDH-DES-CBC3-SHA      9463      1.5683
z:AECDH-NULL-SHA          60        0.0099
z:AECDH-RC4-SHA           8940      1.4816
z:DES-CBC-MD5             6015      0.9969
z:DES-CBC-SHA             33753     5.5939
z:DES-CBC3-MD5            15538     2.5751
z:ECDHE-RSA-NULL-SHA      67        0.0111
z:EDH-RSA-DES-CBC-SHA     28904     4.7903
z:EXP-ADH-DES-CBC-SHA     180       0.0298
z:EXP-ADH-RC4-MD5         178       0.0295
z:EXP-DES-CBC-SHA         9916      1.6434
z:EXP-EDH-RSA-DES-CBC-SHA 7950      1.3176
z:EXP-RC2-CBC-MD5         11811     1.9574
z:EXP-RC4-MD5             12355     2.0476
z:EXP1024-DES-CBC-SHA     3045      0.5046
z:EXP1024-RC4-SHA         3108      0.5151
z:IDEA-CBC-MD5            1225      0.203
z:NULL-MD5                196       0.0325
z:NULL-SHA                201       0.0333
z:NULL-SHA256             39        0.0065
z:RC2-CBC-MD5             6171      1.0227
z:RC4-64-MD5              692       0.1147

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               149228    24.7316
Server side               454163    75.2684

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       918       0.1521
AECDH                     9574      1.5867
DHE                       327644    54.3004
ECDH                      2         0.0003
ECDHE                     532966    88.3285
ECDHE and DHE             285103    47.2501
RSA                       517470    85.7603

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               115821    19.195   35.3496
DH,2048bits               196265    32.527   59.9019
DH,2049bits               1         0.0002   0.0003
DH,2236bits               77        0.0128   0.0235
DH,2432bits               3         0.0005   0.0009
DH,3072bits               141       0.0234   0.043
DH,3092bits               2         0.0003   0.0006
DH,3196bits               1         0.0002   0.0003
DH,4096bits               14972     2.4813   4.5696
DH,512bits                122       0.0202   0.0372
DH,6144bits               1         0.0002   0.0003
DH,768bits                355       0.0588   0.1083
DH,8192bits               7         0.0012   0.0021
ECDH,B-571,570bits        4696      0.7783   0.8811
ECDH,K-163,163bits        1         0.0002   0.0002
ECDH,P-192,192bits        68        0.0113   0.0128
ECDH,P-224,224bits        91        0.0151   0.0171
ECDH,P-256,256bits        500295    82.9139  93.87
ECDH,P-384,384bits        12707     2.1059   2.3842
ECDH,P-521,521bits        17146     2.8416   3.2171
ECDH,brainpoolP512r1,512bits 3         0.0005   0.0006
ECDH,secp256k1,256bits    1         0.0002   0.0002
Prefer DH,1024bits        42440     7.0336   12.9531
Prefer DH,2048bits        4955      0.8212   1.5123
Prefer DH,3072bits        9         0.0015   0.0027
Prefer DH,3092bits        2         0.0003   0.0006
Prefer DH,4096bits        379       0.0628   0.1157
Prefer DH,768bits         33        0.0055   0.0101
Prefer ECDH,B-571,570bits 4438      0.7355   0.8327
Prefer ECDH,K-163,163bits 1         0.0002   0.0002
Prefer ECDH,P-192,192bits 1         0.0002   0.0002
Prefer ECDH,P-224,224bits 89        0.0147   0.0167
Prefer ECDH,P-256,256bits 465038    77.0708  87.2547
Prefer ECDH,P-384,384bits 10660     1.7667   2.0001
Prefer ECDH,P-521,521bits 15901     2.6353   2.9835
Prefer ECDH,brainpoolP512r1,512bits 3         0.0005   0.0006
Prefer ECDH,secp256k1,256bits 1         0.0002   0.0002
Prefer PFS                543950    90.1488  0
Support PFS               575507    95.3788  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
None                      2         0.0003   
None Only                 2         0.0003   
brainpoolP256r1           27492     4.5562   
brainpoolP384r1           27491     4.5561   
brainpoolP512r1           27484     4.5549   
prime192v1                1647      0.273    
prime256v1                510415    84.5911  
prime256v1 Only           428464    71.0093  
secp160k1                 1528      0.2532   
secp160r1                 1536      0.2546   
secp160r2                 1528      0.2532   
secp192k1                 1543      0.2557   
secp224k1                 1625      0.2693   
secp224r1                 5406      0.8959   
secp256k1                 29683     4.9194   
secp384r1                 88419     14.6537  
secp384r1 Only            5169      0.8567   
secp521r1                 58499     9.695    
secp521r1 Only            153       0.0254   
sect163k1                 1531      0.2537   
sect163k1 Only            3         0.0005   
sect163r1                 1529      0.2534   
sect163r2                 1529      0.2534   
sect193r1                 1529      0.2534   
sect193r2                 1529      0.2534   
sect233k1                 1614      0.2675   
sect233r1                 1614      0.2675   
sect239k1                 1614      0.2675   
sect283k1                 28930     4.7946   
sect283k1 Only            2         0.0003   
sect283r1                 28927     4.7941   
sect409k1                 28927     4.7941   
sect409r1                 28927     4.7941   
sect571k1                 28927     4.7941   
sect571r1                 28930     4.7946   
server                    38445     6.3715   
server Only               38445     6.3715   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          532806    88.3019  
unknown                        70585     11.6981  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
                          36744     6.0896   
client                    18027     2.9876   
server                    478197    79.2516  
unknown                   70423     11.6712  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     54563     9.0427   
ECDSA-SHA1 Only                9         0.0015   
ECDSA-SHA224                   54587     9.0467   
ECDSA-SHA256                   72567     12.0265  
ECDSA-SHA384                   72639     12.0385  
ECDSA-SHA512                   72750     12.0569  
ECDSA-SHA512 Only              118       0.0196   
RSA-MD5                        23842     3.9513   
RSA-SHA1                       462908    76.7178  
RSA-SHA1 Only                  30278     5.018    
RSA-SHA224                     387875    64.2825  
RSA-SHA256                     441866    73.2305  
RSA-SHA256 Only                8016      1.3285   
RSA-SHA384                     403401    66.8557  
RSA-SHA384 Only                4         0.0007   
RSA-SHA512                     403342    66.8459  
RSA-SHA512 Only                131       0.0217   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         282677    46.8481  
indeterminate                  38        0.0063   
intolerant                     6561      1.0874   
order-fallback                 4         0.0007   
server                         236059    39.1221  
unsupported                    14339     2.3764   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     54456     9.025    
ECDSA intolerant               652       0.1081   
ECDSA pfs-rsa-SHA512           17783     2.9472   
ECDSA soft-nopfs               15        0.0025   
RSA False                      23629     3.916    
RSA SHA1                       399316    66.1786  
RSA intolerant                 50007     8.2877   
RSA pfs-ecdsa-SHA512           99        0.0164   
RSA soft-nopfs                 389       0.0645   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     4550      0.7541   
insecure                  15701     2.6021   
secure                    583140    96.6438  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      6683      1.1076   
False                     4550      0.7541   
NONE                      592158    98.1384  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         3         0.0005   
1 only                    3         0.0005   
5                         8         0.0013   
5 only                    8         0.0013   
10                        9         0.0015   
10 only                   9         0.0015   
15                        7         0.0012   
15 only                   7         0.0012   
30                        29        0.0048   
30 only                   29        0.0048   
60                        172       0.0285   
60 only                   166       0.0275   
65                        2         0.0003   
65 only                   2         0.0003   
70                        6         0.001    
70 only                   4         0.0007   
75                        1         0.0002   
75 only                   1         0.0002   
90                        1         0.0002   
90 only                   1         0.0002   
100                       15        0.0025   
100 only                  15        0.0025   
120                       28        0.0046   
120 only                  28        0.0046   
128                       3         0.0005   
128 only                  2         0.0003   
150                       2         0.0003   
180                       83        0.0138   
180 only                  80        0.0133   
240                       12        0.002    
240 only                  12        0.002    
300                       306995    50.8783  
300 only                  304055    50.391   
302                       2         0.0003   
302 only                  2         0.0003   
360                       3         0.0005   
360 only                  2         0.0003   
400                       8         0.0013   
400 only                  8         0.0013   
420                       120       0.0199   
420 only                  103       0.0171   
480                       11        0.0018   
480 only                  11        0.0018   
500                       4         0.0007   
500 only                  4         0.0007   
540                       4         0.0007   
540 only                  4         0.0007   
600                       29961     4.9654   
600 only                  29817     4.9416   
630                       1         0.0002   
630 only                  1         0.0002   
700                       1         0.0002   
700 only                  1         0.0002   
720                       6         0.001    
720 only                  6         0.001    
840                       2         0.0003   
840 only                  2         0.0003   
900                       1560      0.2585   
900 only                  1541      0.2554   
960                       3         0.0005   
960 only                  3         0.0005   
1000                      1         0.0002   
1000 only                 1         0.0002   
1200                      3528      0.5847   
1200 only                 3525      0.5842   
1210                      2         0.0003   
1210 only                 2         0.0003   
1320                      1         0.0002   
1320 only                 1         0.0002   
1380                      1         0.0002   
1380 only                 1         0.0002   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      4         0.0007   
1500 only                 3         0.0005   
1800                      860       0.1425   
1800 only                 839       0.139    
1980                      2         0.0003   
1980 only                 2         0.0003   
2100                      1         0.0002   
2400                      8         0.0013   
2400 only                 8         0.0013   
2700                      12        0.002    
2700 only                 12        0.002    
3000                      41        0.0068   
3000 only                 41        0.0068   
3600                      1100      0.1823   
3600 only                 1090      0.1806   
3900                      2         0.0003   
3900 only                 2         0.0003   
4200                      2         0.0003   
4200 only                 1         0.0002   
4500                      1         0.0002   
4500 only                 1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      15        0.0025   
5400 only                 9         0.0015   
6000                      341       0.0565   
6000 only                 340       0.0563   
7200                      15389     2.5504   
7200 only                 15355     2.5448   
7500                      2         0.0003   
7500 only                 2         0.0003   
9000                      2         0.0003   
9000 only                 2         0.0003   
10800                     5322      0.882    
10800 only                5300      0.8784   
14400                     147       0.0244   
14400 only                144       0.0239   
18000                     9         0.0015   
18000 only                8         0.0013   
21600                     4353      0.7214   
21600 only                4353      0.7214   
25200                     1         0.0002   
25200 only                1         0.0002   
28800                     2164      0.3586   
28800 only                2164      0.3586   
30000                     2         0.0003   
30000 only                1         0.0002   
36000                     1239      0.2053   
36000 only                1231      0.204    
43200                     67        0.0111   
43200 only                67        0.0111   
54000                     2         0.0003   
54000 only                2         0.0003   
60000                     3         0.0005   
60000 only                3         0.0005   
64800                     73037     12.1044  
64800 only                73018     12.1013  
72000                     12        0.002    
72000 only                12        0.002    
79200                     1         0.0002   
79200 only                1         0.0002   
86400                     3232      0.5356   
86400 only                3222      0.534    
100800                    9169      1.5196   
100800 only               9156      1.5174   
108000                    1         0.0002   
108000 only               1         0.0002   
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    6         0.001    
129600 only               6         0.001    
172800                    49        0.0081   
172800 only               49        0.0081   
216000                    3         0.0005   
216000 only               3         0.0005   
259200                    3         0.0005   
259200 only               3         0.0005   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    1         0.0002   
864000                    2         0.0003   
864000 only               2         0.0003   
7776000                   2         0.0003   
7776000 only              2         0.0003   
None                      147458    24.4382  
None only                 144200    23.8983  

Certificate sig alg     Count     Percent 
-------------------------+---------+--------
None                      10178     1.6868   
ecdsa-with-SHA256         70598     11.7002  
sha1WithRSAEncryption     17351     2.8756   
sha256WithRSAEncryption   533303    88.3843  
sha384WithRSAEncryption   7         0.0012   
sha512WithRSAEncryption   77        0.0128   

Certificate key size    Count     Percent 
-------------------------+---------+--------
ECDSA 256                 72865     12.0759  
ECDSA 384                 41        0.0068   
ECDSA 521                 1         0.0002   
RSA 1024                  14        0.0023   
RSA 2048                  516458    85.5926  
RSA 2049                  4         0.0007   
RSA 2056                  1         0.0002   
RSA 2058                  3         0.0005   
RSA 2059                  1         0.0002   
RSA 2080                  6         0.001    
RSA 2084                  1         0.0002   
RSA 2086                  1         0.0002   
RSA 2096                  3         0.0005   
RSA 2408                  1         0.0002   
RSA 2432                  6         0.001    
RSA 2560                  1         0.0002   
RSA 2948                  1         0.0002   
RSA 3072                  158       0.0262   
RSA 3096                  2         0.0003   
RSA 3120                  1         0.0002   
RSA 3248                  3         0.0005   
RSA 4048                  3         0.0005   
RSA 4056                  21        0.0035   
RSA 4069                  1         0.0002   
RSA 4086                  3         0.0005   
RSA 4092                  2         0.0003   
RSA 4094                  1         0.0002   
RSA 4095                  1         0.0002   
RSA 4096                  33887     5.6161   
RSA 4196                  1         0.0002   
RSA 8192                  12        0.002    
RSA 8392                  1         0.0002   
RSA/ECDSA Dual Stack      20097     3.3307

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 139486    23.117   
Unsupported               463905    76.883   

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      15694     2.601
SSL2 Only                 9         0.0015
SSL3                      88647     14.6915
SSL3 Only                 325       0.0539
SSL3 or TLS1 Only         47120     7.8092
SSL3 or lower Only        335       0.0555
TLS1                      590402    97.8473
TLS1 Only                 28435     4.7125
TLS1 or lower Only        61759     10.2353
TLS1.1                    532582    88.2648
TLS1.1 Only               43        0.0071
TLS1.1 or up Only         12475     2.0675
TLS1.2                    539663    89.4384
TLS1.2 Only               3587      0.5945
TLS1.2, 1.0 but not 1.1   5029      0.8335

Client Hello intolerance                 Count     Percent
----------------------------------------+---------+-------
Huge Cipher List                         539862    89.4713
Huge Cipher List (trunc 16388)           143271    23.7443
SSL 3.254                                19882     3.295
TLS 1.0                                  66391     11.003
TLS 1.1                                  3190      0.5287
TLS 1.2                                  67        0.0111
TLS 1.3                                  7896      1.3086
TLS 1.4                                  14758     2.4458
Xmas tree                                43001     7.1266
x:missing information                    44        0.0073



Statistics from 544239 chains provided by 734331 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  493648    67.2242
incomplete                20056     2.7312
untrusted                 220627    30.0446

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1         0.0002
3                         540295    99.2753
4                         3930      0.7221
5                         13        0.0024

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 30197     
ECDSA 384                 30193     
RSA 1024                  9         
RSA 2045                  2         
RSA 2048                  845143    
RSA 4096                  186889    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 30197     5.5485
ECDSA 384                 30193     5.5477
RSA 1024                  7         0.0013
RSA 2045                  2         0.0004
RSA 2048                  513612    94.3725
RSA 4096                  186227    34.2179

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              30185     
sha1WithRSAEncryption          20474     
sha256WithRSAEncryption        330105    
sha384WithRSAEncryption        167373    
sha512WithRSAEncryption        57        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        20448     3.7572
112                       493575    90.6909
128                       30216     5.552

Most popular root CAs                         Count     Percent
---------------------------------------------+---------+-------
(d6325660) COMODO RSA Certification Authority 149876    27.5386
(2c543cd1) GeoTrust Global CA                 82272     15.1169
(cbf06781) Go Daddy Root Certificate Authorit 46152     8.4801
(5ad8a5d6) GlobalSign Root CA                 42046     7.7256
(b204d74a) VeriSign Class 3 Public Primary Ce 30585     5.6198
(eed8c118) COMODO ECC Certification Authority 30178     5.545
(244b5494) DigiCert High Assurance EV Root CA 21202     3.8957
(2e4eed3c) thawte Primary Root CA             17390     3.1953
(fc5a8f99) USERTrust RSA Certification Author 17354     3.1887
(2e5ac55d) DST Root CA X3                     16492     3.0303
(653b494a) Baltimore CyberTrust Root          11315     2.079
(3513523f) DigiCert Global Root CA            10347     1.9012
(ae8153b9) StartCom Certification Authority   9044      1.6618
(4bfab552) Starfield Root Certificate Authori 9012      1.6559
(e2799e36) GeoTrust Primary Certification Aut 6148      1.1297
(480720ec) GeoTrust Primary Certification Aut 5775      1.0611
(02265526) Entrust Root Certification Authori 3969      0.7293
(ba89ed3b) thawte Primary Root CA - G3        3394      0.6236
(8096d0a9) Certification Authority of WoSign  2877      0.5286
(157753a5) AddTrust External CA Root          2782      0.5112

Most popular intermediate CA                  Count     Percent
---------------------------------------------+---------+-------
(8d28ae65) COMODO RSA Domain Validation Secur 100923    18.5439
(27eb7704) Go Daddy Secure Certificate Author 46152     8.4801
(53f3e569) RapidSSL SHA256 CA - G3            40339     7.412
(6cfa716c) COMODO ECC Domain Validation Secur 30126     5.5354
(7d9c641e) Symantec Class 3 Secure Server CA  21662     3.9802
(1400f578) cPanel, Inc. Certification Authori 19580     3.5977
(38ae8eda) DigiCert SHA2 High Assurance Serve 17140     3.1494
(4f06f81d) Let's Encrypt Authority X3         16492     3.0303
(16744f0c) AlphaSSL CA - SHA256 - G2          16239     2.9838
(493a2f06) COMODO RSA Domain Validation Secur 13442     2.4699
(10310d4b) GeoTrust SSL CA - G3               13423     2.4664
(80ecc636) RapidSSL SHA256 CA                 12795     2.351
(d7d634d4) GlobalSign Domain Validation CA -  11432     2.1005
(b85455c4) GlobalSign Organization Validation 11363     2.0879
(c43a77d9) COMODO RSA Organization Validation 11217     2.061
(85cf5865) DigiCert SHA2 Secure Server CA     10208     1.8756
(9ad474ec) thawte SSL CA - G2                 9146      1.6805
(cd7781e5) Starfield Secure Certificate Autho 9012      1.6559
(d84ef247) GeoTrust DV SSL CA - G4            7163      1.3161
(a0f7ac3e) Symantec Class 3 EV SSL CA - G3    7144      1.3127
(3d97f5e2) Verizon Akamai SureServer CA G14-S 7025      1.2908
(fd917e82) SecureCore RSA DV CA               6995      1.2853
(b71a5f76) GeoTrust EV SSL CA - G4            5724      1.0517
(661c52cc) thawte DV SSL CA - G2              5368      0.9863
(e22cd3f0) COMODO RSA Extended Validation Sec 4365      0.802
(7f8496de) StartCom Class 1 DV Server CA      3678      0.6758
(45bfefc3) DigiCert SHA2 Extended Validation  3527      0.6481
(2835d715) Entrust Certification Authority -  3328      0.6115
(f131b364) RapidSSL CA                        3180      0.5843
(98d7cad7) GeoTrust DV SSL CA - G3            3154      0.5795



Scan performed between 20th of July and 17th of August 2016