February 2015 scan results

This month the number of HTTP servers with a trusted certificate has grown again,
this time by just under 2%.

Cipher suites that use 3DES or AES have essentially retained their market share,
with a slight increase in 3DES and AES-GCM use. The share of servers which support
only RC4 or prefer RC4 over other ciphers has also remained unchanged, as has the
use of completely insecure export-grade and 56-bit (single DES) ciphers.

Server-side cipher ordering also didn't change much, though its share has risen slightly.

Support for cipher suites that provide forward secrecy has also seen only
insignificant changes. Preference for DHE has remained the same, while preference
for ECDHE has risen only very slightly. That is a bit surprising, as support for both
ECDHE and DHE has risen by more than a percent. Nearly all of this change is
attributable to support for the P-256 curve and 2048-bit finite-field DHE.

Similarly, support for server-side curve ordering and the chosen signature algorithms
essentially remained the same.

The only measurement that has changed by more than 1% is the signature algorithm
on server certificates, with SHA-1 losing another 3.8% and SHA-256 gaining the same
amount. The key sizes in use haven't changed though.

SSLv3 support still remains high, with 33% of surveyed servers still supporting
this insecure protocol. The good news is that only 0.33% of all servers scanned
support just SSLv3 or SSLv2, so browsers and users can disable this protocol
without fear of interoperability issues: a client only loses the hosts whose
newest protocol is SSLv3, not every host that still offers it.

SSL/TLS survey of 478847 websites from Alexa's top 1 million
Stats only from connections that provided valid certificates
(or anonymous DH from servers that also have a valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      389395    81.3193
3DES Only                 446       0.0931
AES                       452703    94.5402
AES Only                  7959      1.6621
AES-CBC Only              4111      0.8585
AES-GCM                   275395    57.5121
AES-GCM Only              21        0.0044
CAMELLIA                  201517    42.0838
CAMELLIA Only             1         0.0002
CHACHA20                  27231     5.6868
Insecure                  88014     18.3804
RC4                       362499    75.7025
RC4 Only                  3578      0.7472
RC4 Preferred             63514     13.2639
RC4 forced in TLS1.1+     40750     8.51
x:FF 29 RC4 Only          545       0.1138
x:FF 29 RC4 Preferred     68531     14.3117
x:FF 29 incompatible      135       0.0282
y:DHE-RSA-SEED-SHA        106333    22.206
y:IDEA-CBC-MD5            2911      0.6079
y:IDEA-CBC-SHA            85651     17.8869
y:SEED-SHA                103273    21.567
z:ADH-AES128-GCM-SHA256   352       0.0735
z:ADH-AES128-SHA          983       0.2053
z:ADH-AES128-SHA256       278       0.0581
z:ADH-AES256-GCM-SHA384   367       0.0766
z:ADH-AES256-SHA          995       0.2078
z:ADH-AES256-SHA256       282       0.0589
z:ADH-CAMELLIA128-SHA     440       0.0919
z:ADH-CAMELLIA256-SHA     449       0.0938
z:ADH-DES-CBC-SHA         378       0.0789
z:ADH-DES-CBC3-SHA        1011      0.2111
z:ADH-RC4-MD5             787       0.1644
z:ADH-SEED-SHA            293       0.0612
z:AECDH-AES128-SHA        14530     3.0344
z:AECDH-AES256-SHA        14530     3.0344
z:AECDH-DES-CBC3-SHA      14487     3.0254
z:AECDH-NULL-SHA          38        0.0079
z:AECDH-RC4-SHA           13507     2.8207
z:DES-CBC-MD5             18469     3.857
z:DES-CBC-SHA             49506     10.3386
z:DES-CBC3-MD5            33718     7.0415
z:ECDHE-RSA-NULL-SHA      43        0.009
z:EDH-RSA-DES-CBC-SHA     42281     8.8298
z:EXP-ADH-DES-CBC-SHA     302       0.0631
z:EXP-ADH-RC4-MD5         306       0.0639
z:EXP-DES-CBC-SHA         35244     7.3602
z:EXP-EDH-RSA-DES-CBC-SHA 24614     5.1403
z:EXP-RC2-CBC-MD5         40047     8.3632
z:EXP-RC4-MD5             42873     8.9534
z:EXP1024-DES-CBC-SHA     9396      1.9622
z:EXP1024-RC4-SHA         9557      1.9958
z:NULL-MD5                292       0.061
z:NULL-SHA                292       0.061
z:NULL-SHA256             12        0.0025
z:RC2-CBC-MD5             18829     3.9322
z:RC4-64-MD5              1529      0.3193

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               141265    29.5011
Server side               337582    70.4989

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1120      0.2339
AECDH                     14557     3.04
DHE                       256190    53.5014
ECDHE                     305994    63.9022
ECDHE and DHE             154553    32.2761
RSA                       446580    93.2615

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               214103    44.7122  83.572
DH,1536bits               1         0.0002   0.0004
DH,2048bits               39131     8.1719   15.2742
DH,2226bits               1         0.0002   0.0004
DH,2236bits               1         0.0002   0.0004
DH,3072bits               19        0.004    0.0074
DH,3248bits               2         0.0004   0.0008
DH,4094bits               1         0.0002   0.0004
DH,4096bits               2115      0.4417   0.8256
DH,512bits                87        0.0182   0.034
DH,768bits                759       0.1585   0.2963
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        7         0.0015   0.0023
ECDH,B-571,570bits        707       0.1476   0.2311
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,P-224,224bits        51        0.0107   0.0167
ECDH,P-256,256bits        299807    62.6102  97.9781
ECDH,P-384,384bits        3156      0.6591   1.0314
ECDH,P-521,521bits        4454      0.9302   1.4556
Prefer DH,1024bits        99375     20.753   38.7896
Prefer DH,2048bits        2882      0.6019   1.1249
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,4096bits        90        0.0188   0.0351
Prefer DH,512bits         3         0.0006   0.0012
Prefer DH,768bits         420       0.0877   0.1639
Prefer ECDH,B-163,163bits 7         0.0015   0.0023
Prefer ECDH,B-571,570bits 521       0.1088   0.1703
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 18        0.0038   0.0059
Prefer ECDH,P-256,256bits 243201    50.7889  79.479
Prefer ECDH,P-384,384bits 3079      0.643    1.0062
Prefer ECDH,P-521,521bits 4146      0.8658   1.3549
Prefer PFS                353744    73.8741  0
Support PFS               407631    85.1276  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           77        0.0161   
brainpoolP384r1           77        0.0161   
brainpoolP512r1           77        0.0161   
prime192v1                721       0.1506   
prime256v1                305466    63.792   
prime256v1 Only           265378    55.4202  
secp160k1                 689       0.1439   
secp160r1                 688       0.1437   
secp160r2                 688       0.1437   
secp192k1                 716       0.1495   
secp224k1                 747       0.156    
secp224r1                 1221      0.255    
secp224r1 Only            1         0.0002   
secp256k1                 766       0.16     
secp384r1                 40252     8.406    
secp384r1 Only            166       0.0347   
secp521r1                 9985      2.0852   
secp521r1 Only            86        0.018    
sect163k1                 688       0.1437   
sect163r1                 688       0.1437   
sect163r2                 695       0.1451   
sect163r2 Only            7         0.0015   
sect193r1                 688       0.1437   
sect193r2                 688       0.1437   
sect233k1                 738       0.1541   
sect233r1                 738       0.1541   
sect239k1                 737       0.1539   
sect283k1                 737       0.1539   
sect283r1                 737       0.1539   
sect409k1                 737       0.1539   
sect409r1                 737       0.1539   
sect571k1                 756       0.1579   
sect571r1                 756       0.1579   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          75947     15.8604  
True                           188432    39.3512  
order-specific                 12        0.0025   
unknown                        214456    44.7859  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    1661      0.3469   
inconclusive-noecc        4         0.0008   
server                    304074    63.5013  
unknown                   173108    36.151   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     27872     5.8206   
ECDSA-SHA224                   27873     5.8209   
ECDSA-SHA256                   27873     5.8209   
ECDSA-SHA384                   27874     5.8211   
ECDSA-SHA512                   27874     5.8211   
RSA-MD5                        132832    27.74    
RSA-MD5 Only                   1         0.0002   
RSA-SHA1                       275469    57.5276  
RSA-SHA1 Only                  42560     8.888    
RSA-SHA224                     224806    46.9474  
RSA-SHA256                     235988    49.2825  
RSA-SHA256 Only                2701      0.5641   
RSA-SHA384                     225210    47.0317  
RSA-SHA512                     225254    47.0409  
RSA-SHA512 Only                39        0.0081   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         206251    43.0724  
indeterminate                  7         0.0015   
intolerant                     1409      0.2942   
order-fallback                 2         0.0004   
server                         98943     20.6628  
unsupported                    37273     7.7839   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     27871     5.8204   
ECDSA intolerant               4         0.0008   
ECDSA pfs-rsa-SHA512           1         0.0002   
RSA False                      131264    27.4125  
RSA SHA1                       125024    26.1094  
RSA intolerant                 20874     4.3592   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 1609      0.336    

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     9764      2.0391   
insecure                  25819     5.3919   
secure                    443264    92.569   

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      15459     3.2284   
False                     9764      2.0391   
NONE                      453624    94.7326  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        4         0.0008   
10 only                   4         0.0008   
15                        8         0.0017   
15 only                   8         0.0017   
30                        10        0.0021   
30 only                   10        0.0021   
60                        71        0.0148   
60 only                   64        0.0134   
65                        1         0.0002   
65 only                   1         0.0002   
70                        4         0.0008   
75                        1         0.0002   
75 only                   1         0.0002   
100                       11        0.0023   
100 only                  11        0.0023   
120                       24        0.005    
120 only                  23        0.0048   
128                       3         0.0006   
128 only                  3         0.0006   
180                       47        0.0098   
180 only                  45        0.0094   
240                       11        0.0023   
240 only                  11        0.0023   
300                       201017    41.9794  
300 only                  192323    40.1638  
360                       2         0.0004   
360 only                  1         0.0002   
400                       4         0.0008   
400 only                  4         0.0008   
420                       37        0.0077   
420 only                  26        0.0054   
480                       16        0.0033   
480 only                  14        0.0029   
500                       4         0.0008   
500 only                  4         0.0008   
600                       14965     3.1252   
600 only                  14676     3.0649   
720                       1         0.0002   
720 only                  1         0.0002   
840                       1         0.0002   
840 only                  1         0.0002   
900                       520       0.1086   
900 only                  500       0.1044   
960                       2         0.0004   
960 only                  2         0.0004   
1000                      1         0.0002   
1000 only                 1         0.0002   
1200                      286       0.0597   
1200 only                 283       0.0591   
1500                      9         0.0019   
1500 only                 8         0.0017   
1800                      343       0.0716   
1800 only                 334       0.0698   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      2         0.0004   
2400 only                 2         0.0004   
2700                      5         0.001    
2700 only                 5         0.001    
3000                      11        0.0023   
3000 only                 11        0.0023   
3600                      329       0.0687   
3600 only                 312       0.0652   
5400                      10        0.0021   
6000                      3         0.0006   
6000 only                 3         0.0006   
7200                      14085     2.9414   
7200 only                 11423     2.3855   
10800                     1006      0.2101   
10800 only                1001      0.209    
14400                     1416      0.2957   
14400 only                1415      0.2955   
18000                     1         0.0002   
18000 only                1         0.0002   
21600                     4976      1.0392   
21600 only                4973      1.0385   
28800                     12        0.0025   
28800 only                11        0.0023   
36000                     980       0.2047   
36000 only                975       0.2036   
43200                     101       0.0211   
43200 only                101       0.0211   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     45713     9.5465   
64800 only                45710     9.5458   
72000                     8         0.0017   
72000 only                8         0.0017   
86000                     28        0.0058   
86000 only                28        0.0058   
86400                     225       0.047    
86400 only                224       0.0468   
93600                     1         0.0002   
93600 only                1         0.0002   
100800                    12805     2.6741   
100800 only               12805     2.6741   
129600                    8         0.0017   
129600 only               8         0.0017   
172800                    1         0.0002   
172800 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
None                      191458    39.9831  
None only                 179709    37.5295  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      15481     3.233    
ecdsa-with-SHA256         27852     5.8165   
sha1WithRSAEncryption     247414    51.6687  
sha256WithRSAEncryption   203665    42.5324  
sha512WithRSAEncryption   10        0.0021   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 27873     5.8209   
ECDSA 384                 4         0.0008   
RSA 1024                  586       0.1224   
RSA 10240                 4         0.0008   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  434653    90.7707  
RSA 2049                  2         0.0004   
RSA 2056                  3         0.0006   
RSA 2058                  4         0.0008   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  14        0.0029   
RSA 2096                  1         0.0002   
RSA 2408                  3         0.0006   
RSA 2432                  5         0.001    
RSA 2612                  1         0.0002   
RSA 3072                  81        0.0169   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 3600                  1         0.0002   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  32        0.0067   
RSA 4069                  1         0.0002   
RSA 4086                  2         0.0004   
RSA 4092                  2         0.0004   
RSA 4096                  15597     3.2572   
RSA 4098                  2         0.0004   
RSA 8192                  4         0.0008   
RSA/ECDSA Dual Stack      30        0.0063

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 79626     16.6287  
Unsupported               399221    83.3713  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      34004     7.1012
SSL2 Only                 83        0.0173
SSL3                      160049    33.4238
SSL3 Only                 1554      0.3245
SSL3 or TLS1 Only         99562     20.792
SSL3 or lower Only        1597      0.3335
TLS1                      476217    99.4508
TLS1 Only                 53875     11.251
TLS1 or lower Only        130773    27.31
TLS1.1                    333272    69.5988
TLS1.1 Only               6         0.0013
TLS1.1 or up Only         690       0.1441
TLS1.2                    343871    71.8123
TLS1.2 Only               495       0.1034
TLS1.2, 1.0 but not 1.1   12594     2.6301
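The protocol rows above, and the "safe to disable SSLv3" argument in the summary, come down to classifying each host by the set of protocol versions it accepts. The following Python is an added example, not the survey's own scanner or tooling; it runs over a constructed set of hosts, and the row definitions it uses ("X Only" = that version alone, "SSL3 or lower Only" = nothing newer than SSLv3, "TLS1 or lower Only" = nothing newer than TLS 1.0, "TLS1.1 or up Only" = nothing older than TLS 1.1) are my reading of the labels and may not match the scanner's exactly.

```python
from collections import Counter

# Protocol versions, oldest first.  RANK lets us compare versions.
PROTOCOLS = ["SSL2", "SSL3", "TLS1", "TLS1.1", "TLS1.2"]
RANK = {p: i for i, p in enumerate(PROTOCOLS)}

# Constructed sample input: host -> set of versions the server negotiated.
# These are made-up hosts for illustration, not records from the survey.
SAMPLE_HOSTS = {
    "a.example": {"SSL3", "TLS1", "TLS1.1", "TLS1.2"},
    "b.example": {"SSL3"},                 # SSLv3-only: lost when clients drop SSLv3
    "c.example": {"SSL2", "SSL3"},         # likewise, plus SSLv2
    "d.example": {"TLS1"},
    "e.example": {"SSL3", "TLS1"},         # still reachable over TLS 1.0
    "f.example": {"TLS1", "TLS1.2"},       # TLS 1.1 missing (intolerant or disabled)
    "g.example": {"TLS1.2"},
    "h.example": {"TLS1", "TLS1.1", "TLS1.2"},
}


def highest(versions):
    """Newest protocol version in the set."""
    return max(versions, key=RANK.__getitem__)


def lowest(versions):
    """Oldest protocol version in the set."""
    return min(versions, key=RANK.__getitem__)


def classify(versions):
    """Row labels a single host contributes to (assumed definitions, see text)."""
    versions = set(versions)
    rows = set(versions)                   # plain "supports X" rows
    top, bottom = highest(versions), lowest(versions)
    if len(versions) == 1:
        rows.add(f"{top} Only")
    if RANK[top] <= RANK["SSL3"]:
        rows.add("SSL3 or lower Only")
    if RANK[top] <= RANK["TLS1"]:
        rows.add("TLS1 or lower Only")
    if RANK[bottom] >= RANK["TLS1.1"]:
        rows.add("TLS1.1 or up Only")
    if {"TLS1", "TLS1.2"} <= versions and "TLS1.1" not in versions:
        rows.add("TLS1.2, 1.0 but not 1.1")
    return rows


def tally(hosts):
    """Count how many hosts fall into each row."""
    counts = Counter()
    for versions in hosts.values():
        counts.update(classify(versions))
    return counts


def percent(counts, row, total):
    """Percentage column in the same shape as the tables above (4 decimals)."""
    return round(100.0 * counts[row] / total, 4)


def fraction_lost_if_sslv3_disabled(hosts):
    """Share of hosts unreachable for a client whose floor is TLS 1.0.

    Only hosts whose *newest* version is SSLv3 or SSLv2 break; a host that
    merely still offers SSLv3 next to TLS is unaffected.
    """
    lost = sum(1 for v in hosts.values() if RANK[highest(v)] <= RANK["SSL3"])
    return lost / len(hosts)


if __name__ == "__main__":
    counts = tally(SAMPLE_HOSTS)
    for row in sorted(counts, key=lambda r: (-counts[r], r)):
        print(f"{row:28}{counts[row]:>6}{percent(counts, row, len(SAMPLE_HOSTS)):>10}")
    print(f"lost if SSLv3 disabled: {fraction_lost_if_sslv3_disabled(SAMPLE_HOSTS):.2%}")
```

In the constructed sample, half the hosts still offer SSLv3 but only a quarter are SSLv3-or-older only, which is the same distinction the summary draws between the 33% and 0.33% figures.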

Statistics from 506677 chains provided by 663743 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  445855    67.1728
incomplete                28915     4.3564
untrusted                 188973    28.4708


Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1250      0.2467
3                         435699    85.9915
4                         69697     13.7557
5                         31        0.0061

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 27724     
ECDSA 384                 27724     
RSA 1024                  1237      
RSA 2045                  1         
RSA 2048                  945864    
RSA 4096                  79313     

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 27724     5.4717
ECDSA 384                 27724     5.4717
RSA 1024                  1233      0.2434
RSA 2045                  1         0.0002
RSA 2048                  477582    94.2577
RSA 4096                  78697     15.532

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              27724     
sha1WithRSAEncryption          272982    
sha256WithRSAEncryption        141436    
sha384WithRSAEncryption        133014    
sha512WithRSAEncryption        30        

Eff. chain LoS (bits)     Count     Percent
-------------------------+---------+-------
80                        273108    53.9018
112                       205843    40.6261
128                       27726     5.4721
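The effective level of security of a chain is the weakest link among the keys in it and the signatures on it, which is why a 4096-bit host key still lands in the 112 bucket when its issuer's key is 2048 bits, and why SHA-1 signatures pull a chain down to 80. The Python below is an added example, not the survey's tooling; it assumes the NIST SP 800-57 strength equivalences (RSA 1024/2048/3072 = 80/112/128 bits, P-256/P-384 = 128/192, SHA-1/SHA-256/SHA-384 = 80/128/192, intermediate key sizes rounded down), counts every key including the root's, and ignores only the root's self-signature, matching the "ex. root" convention of the signature table above. The chains it scores are constructed.

```python
from collections import Counter
from dataclasses import dataclass
from typing import List, Tuple

# Security-strength equivalences in bits from NIST SP 800-57 Part 1.
# Assumption: the survey does not say which mapping it used; this is a
# conservative one (key sizes between rows are rounded down).
RSA_ROWS = [(1024, 80), (2048, 112), (3072, 128), (7680, 192), (15360, 256)]
ECDSA_ROWS = [(256, 128), (384, 192), (521, 256)]
HASH_BITS = {"md5": 64, "sha1": 80, "sha224": 112, "sha256": 128,
             "sha384": 192, "sha512": 256}


@dataclass
class Cert:
    subject: str
    key_alg: str    # "RSA" or "ECDSA"
    key_size: int   # RSA modulus bits or curve size
    sig_hash: str   # hash in the issuer's signature over this certificate


def key_strength(key_alg: str, key_size: int) -> int:
    """Strength of a public key, rounded down to the nearest table row."""
    rows = RSA_ROWS if key_alg == "RSA" else ECDSA_ROWS
    strength = 0
    for size, bits in rows:
        if key_size >= size:
            strength = bits
    return strength


def chain_los(chain: List[Cert]) -> Tuple[int, str]:
    """Effective level of security of a chain ordered host -> ... -> root.

    Every key counts, the root's included (it signs the last intermediate),
    but the root's own self-signature does not: trust in the root comes from
    the client's store.  Returns (bits, description of the weakest link).
    """
    links = []
    for i, cert in enumerate(chain):
        links.append((key_strength(cert.key_alg, cert.key_size),
                      f"{cert.subject} {cert.key_alg}-{cert.key_size} key"))
        if i != len(chain) - 1:  # skip the root's self-signature
            links.append((HASH_BITS[cert.sig_hash],
                          f"{cert.subject} signed with {cert.sig_hash}"))
    return min(links)


def tally_los(chains) -> Counter:
    """Histogram of effective LoS, the shape of the table above."""
    return Counter(chain_los(c)[0] for c in chains.values())


# Constructed sample chains (not certificates seen in the survey).
SAMPLE_CHAINS = {
    "sha1-everywhere": [
        Cert("host", "RSA", 2048, "sha1"),
        Cert("intermediate", "RSA", 2048, "sha1"),
        Cert("root", "RSA", 2048, "sha1")],
    "sha256-rsa2048": [
        Cert("host", "RSA", 2048, "sha256"),
        Cert("intermediate", "RSA", 2048, "sha256"),
        Cert("root", "RSA", 2048, "sha1")],        # root self-signature ignored
    "ecdsa": [
        Cert("host", "ECDSA", 256, "sha256"),
        Cert("intermediate", "ECDSA", 384, "sha384"),
        Cert("root", "ECDSA", 384, "sha384")],
    "big-leaf-small-ca": [                         # 4096-bit leaf buys nothing here
        Cert("host", "RSA", 4096, "sha256"),
        Cert("intermediate", "RSA", 2048, "sha384"),
        Cert("root", "RSA", 4096, "sha256")],
    "weak-root-key": [                             # the 1024-bit root key is the limit
        Cert("host", "RSA", 2048, "sha256"),
        Cert("intermediate", "RSA", 2048, "sha256"),
        Cert("root", "RSA", 1024, "sha1")],
}

if __name__ == "__main__":
    for name, chain in SAMPLE_CHAINS.items():
        bits, why = chain_los(chain)
        print(f"{name:20} {bits:>4} bits  (limited by {why})")
    print(tally_los(SAMPLE_CHAINS))
```

The "big-leaf-small-ca" chain is the case worth noticing when reading the key-size table: the host certificate's 4096-bit key does not raise the chain above 112 bits because the intermediate that signed it is 2048 bits.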

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 112003    22.1054
(157753a5) AddTrust External CA Root          103054    20.3392
(5ad8a5d6) GlobalSign Root CA                 51402     10.1449
(cbf06781) Go Daddy Root Certificate Authorit 42982     8.4831
(b204d74a) VeriSign Class 3 Public Primary Ce 29072     5.7378
(eed8c118) COMODO ECC Certification Authority 27720     5.4709
(2e4eed3c) thawte Primary Root CA             26917     5.3125
(244b5494) DigiCert High Assurance EV Root CA 23747     4.6868
(653b494a) Baltimore CyberTrust Root          11804     2.3297
(f081611a) The Go Daddy Group, Inc.           11749     2.3188
(b13cc6df) UTN-USERFirst-Hardware             9836      1.9413
(ae8153b9) StartCom Certification Authority   9546      1.884
(f387163d) Starfield Technologies, Inc.       8019      1.5827
(40547a79) COMODO Certification Authority     6997      1.381
(3513523f) DigiCert Global Root CA            5757      1.1362


Scan performed between 19th and 27th of February 2015.

2 comments

  1. Could you add “mon.service-public.fr” to your scan?
    It's a government single sign-on service with shockingly bad security (and MitM vulnerabilities), but I'd like it to make Firefox's RC4 whitelist eventually.
