September 2015 scan results

(I have declared “analysis bankruptcy”, only raw results available for this month. Sorry! 🙇)

SSL/TLS survey of 514491 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      441032    85.722
3DES Only                 662       0.1287
AES                       506240    98.3963
AES Only                  20155     3.9175
AES-CBC                   506132    98.3753
AES-CBC Only              9532      1.8527
AES-GCM                   372880    72.4755
AES-GCM Only              53        0.0103
CAMELLIA                  228600    44.4323
CAMELLIA Only             1         0.0002
CHACHA20                  63632     12.368
CHACHA20 Only             1         0.0002
Insecure                  64742     12.5837
RC4                       231507    44.9973
RC4 Only                  1252      0.2433
RC4 Preferred             27685     5.381
RC4 forced in TLS1.1+     15710     3.0535
x:FF 29 RC4 Only          1532      0.2978
x:FF 29 RC4 Preferred     31430     6.109
x:FF 29 incompatible      137       0.0266
x:FF 35 RC4 Only          1845      0.3586
x:FF 35 RC4 Preferred     31550     6.1323
x:FF 35 incompatible      138       0.0268
y:DHE-RSA-SEED-SHA        86011     16.7177
y:IDEA-CBC-SHA            78923     15.34
y:SEED-SHA                96111     18.6808
z:ADH-AES128-GCM-SHA256   333       0.0647
z:ADH-AES128-SHA          745       0.1448
z:ADH-AES128-SHA256       236       0.0459
z:ADH-AES256-GCM-SHA384   343       0.0667
z:ADH-AES256-SHA          749       0.1456
z:ADH-AES256-SHA256       236       0.0459
z:ADH-CAMELLIA128-SHA     344       0.0669
z:ADH-CAMELLIA256-SHA     350       0.068
z:ADH-DES-CBC-SHA         321       0.0624
z:ADH-DES-CBC3-SHA        759       0.1475
z:ADH-RC4-MD5             621       0.1207
z:ADH-SEED-SHA            272       0.0529
z:AECDH-AES128-SHA        12374     2.4051
z:AECDH-AES256-SHA        12403     2.4107
z:AECDH-DES-CBC3-SHA      12331     2.3967
z:AECDH-NULL-SHA          55        0.0107
z:AECDH-RC4-SHA           11656     2.2655
z:DES-CBC-MD5             12201     2.3715
z:DES-CBC-SHA             37676     7.323
z:DES-CBC3-MD5            24906     4.8409
z:ECDHE-RSA-NULL-SHA      59        0.0115
z:EDH-RSA-DES-CBC-SHA     32341     6.286
z:EXP-ADH-DES-CBC-SHA     225       0.0437
z:EXP-ADH-RC4-MD5         222       0.0431
z:EXP-DES-CBC-SHA         16253     3.159
z:EXP-EDH-RSA-DES-CBC-SHA 13136     2.5532
z:EXP-RC2-CBC-MD5         19785     3.8455
z:EXP-RC4-MD5             20799     4.0426
z:EXP1024-DES-CBC-SHA     5124      0.9959
z:EXP1024-RC4-SHA         5211      1.0128
z:IDEA-CBC-MD5            2368      0.4603
z:NULL-MD5                228       0.0443
z:NULL-SHA                231       0.0449
z:NULL-SHA256             22        0.0043
z:RC2-CBC-MD5             12471     2.4239
z:RC4-64-MD5              1000      0.1944

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               131154    25.492
Server side               383337    74.508

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       872       0.1695
AECDH                     12430     2.416
DHE                       282349    54.8793
ECDH                      3         0.0006
ECDHE                     400761    77.8947
ECDHE and DHE             210872    40.9865
RSA                       466026    90.58

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               176947    34.3926  62.6696
DH,1536bits               1         0.0002   0.0004
DH,2048bits               97579     18.9661  34.5597
DH,2236bits               10        0.0019   0.0035
DH,2560bits               1         0.0002   0.0004
DH,3072bits               1027      0.1996   0.3637
DH,3092bits               1         0.0002   0.0004
DH,4096bits               6303      1.2251   2.2323
DH,512bits                53        0.0103   0.0188
DH,768bits                502       0.0976   0.1778
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        1         0.0002   0.0002
ECDH,B-571,570bits        1514      0.2943   0.3778
ECDH,K-163,163bits        1         0.0002   0.0002
ECDH,K-571,570bits        1         0.0002   0.0002
ECDH,P-192,192bits        2         0.0004   0.0005
ECDH,P-224,224bits        89        0.0173   0.0222
ECDH,P-256,256bits        389270    75.6612  97.1327
ECDH,P-384,384bits        2668      0.5186   0.6657
ECDH,P-521,521bits        8073      1.5691   2.0144
Prefer DH,1024bits        63712     12.3835  22.565
Prefer DH,1536bits        1         0.0002   0.0004
Prefer DH,2048bits        9342      1.8158   3.3087
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        14        0.0027   0.005
Prefer DH,4096bits        342       0.0665   0.1211
Prefer DH,768bits         102       0.0198   0.0361
Prefer ECDH,B-163,163bits 1         0.0002   0.0002
Prefer ECDH,B-571,570bits 1305      0.2536   0.3256
Prefer ECDH,K-163,163bits 1         0.0002   0.0002
Prefer ECDH,K-571,570bits 1         0.0002   0.0002
Prefer ECDH,P-224,224bits 55        0.0107   0.0137
Prefer ECDH,P-256,256bits 337269    65.5539  84.1571
Prefer ECDH,P-384,384bits 2525      0.4908   0.6301
Prefer ECDH,P-521,521bits 7266      1.4123   1.8131
Prefer PFS                421937    82.0106  0
Support PFS               472238    91.7874  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           1285      0.2498   
brainpoolP384r1           1285      0.2498   
brainpoolP512r1           1285      0.2498   
prime192v1                1409      0.2739   
prime256v1                399379    77.626   
prime256v1 Only           346484    67.345   
secp160k1                 1372      0.2667   
secp160r1                 1376      0.2674   
secp160r2                 1372      0.2667   
secp192k1                 1393      0.2708   
secp224k1                 1466      0.2849   
secp224r1                 3478      0.676    
secp224r1 Only            2         0.0004   
secp256k1                 2664      0.5178   
secp384r1                 53002     10.3018  
secp384r1 Only            342       0.0665   
secp521r1                 22491     4.3715   
secp521r1 Only            118       0.0229   
sect163k1                 1376      0.2674   
sect163k1 Only            2         0.0004   
sect163r1                 1374      0.2671   
sect163r2                 1375      0.2673   
sect163r2 Only            1         0.0002   
sect193r1                 1374      0.2671   
sect193r2                 1374      0.2671   
sect233k1                 1460      0.2838   
sect233r1                 1458      0.2834   
sect239k1                 1458      0.2834   
sect283k1                 2637      0.5125   
sect283r1                 2637      0.5125   
sect409k1                 2637      0.5125   
sect409r1                 2637      0.5125   
sect571k1                 2650      0.5151   
sect571r1                 2650      0.5151   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          69342     13.4778  
True                           279091    54.246   
order-specific                 247       0.048    
unknown                        165811    32.2282  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    4128      0.8023   
inconclusive-noecc        10        0.0019   
server                    395723    76.9154  
unknown                   114630    22.2803  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     36846     7.1616   
ECDSA-SHA1 Only                3         0.0006   
ECDSA-SHA224                   36847     7.1618   
ECDSA-SHA256                   36861     7.1646   
ECDSA-SHA384                   36862     7.1648   
ECDSA-SHA512                   36877     7.1677   
ECDSA-SHA512 Only              15        0.0029   
RSA-MD5                        169404    32.9265  
RSA-SHA1                       349277    67.8879  
RSA-SHA1 Only                  46373     9.0134   
RSA-SHA224                     283789    55.1592  
RSA-SHA256                     309288    60.1153  
RSA-SHA256 Only                5302      1.0305   
RSA-SHA384                     284974    55.3895  
RSA-SHA384 Only                1         0.0002   
RSA-SHA512                     285175    55.4286  
RSA-SHA512 Only                218       0.0424   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         247485    48.1029  
indeterminate                  113       0.022    
intolerant                     3917      0.7613   
order-fallback                 6         0.0012   
server                         141461    27.4953  
unsupported                    22160     4.3072   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     36832     7.1589   
ECDSA intolerant               63        0.0122   
ECDSA pfs-rsa-SHA512           1         0.0002   
RSA False                      168019    32.6573  
RSA SHA1                       154614    30.0518  
RSA intolerant                 32671     6.3502   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 1437      0.2793   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     6340      1.2323   
insecure                  19961     3.8798   
secure                    488190    94.888   

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      10392     2.0199   
False                     6340      1.2323   
NONE                      497759    96.7479  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         4         0.0008   
1 only                    4         0.0008   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        7         0.0014   
10 only                   7         0.0014   
15                        8         0.0016   
15 only                   8         0.0016   
30                        11        0.0021   
30 only                   10        0.0019   
60                        93        0.0181   
60 only                   87        0.0169   
65                        1         0.0002   
65 only                   1         0.0002   
70                        7         0.0014   
100                       14        0.0027   
100 only                  14        0.0027   
120                       30        0.0058   
120 only                  30        0.0058   
128                       2         0.0004   
128 only                  2         0.0004   
150                       2         0.0004   
180                       39        0.0076   
180 only                  37        0.0072   
240                       14        0.0027   
240 only                  14        0.0027   
300                       232702    45.2296  
300 only                  227970    44.3098  
302                       2         0.0004   
302 only                  2         0.0004   
360                       2         0.0004   
360 only                  1         0.0002   
400                       7         0.0014   
400 only                  7         0.0014   
420                       113       0.022    
420 only                  87        0.0169   
480                       11        0.0021   
480 only                  11        0.0021   
500                       4         0.0008   
500 only                  4         0.0008   
540                       1         0.0002   
540 only                  1         0.0002   
600                       24187     4.7012   
600 only                  24031     4.6708   
720                       2         0.0004   
720 only                  2         0.0004   
840                       2         0.0004   
840 only                  2         0.0004   
900                       718       0.1396   
900 only                  702       0.1364   
960                       3         0.0006   
960 only                  3         0.0006   
1200                      2085      0.4053   
1200 only                 2080      0.4043   
1320                      1         0.0002   
1320 only                 1         0.0002   
1500                      11        0.0021   
1500 only                 10        0.0019   
1800                      473       0.0919   
1800 only                 468       0.091    
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      6         0.0012   
2400 only                 6         0.0012   
2700                      7         0.0014   
2700 only                 7         0.0014   
3000                      19        0.0037   
3000 only                 19        0.0037   
3600                      512       0.0995   
3600 only                 498       0.0968   
3900                      1         0.0002   
3900 only                 1         0.0002   
4200                      1         0.0002   
5160                      1         0.0002   
5160 only                 1         0.0002   
5400                      14        0.0027   
5400 only                 6         0.0012   
6000                      3         0.0006   
6000 only                 3         0.0006   
7200                      16177     3.1443   
7200 only                 16154     3.1398   
10800                     2416      0.4696   
10800 only                2411      0.4686   
14400                     70        0.0136   
14400 only                70        0.0136   
18000                     7         0.0014   
18000 only                7         0.0014   
21600                     4966      0.9652   
21600 only                4963      0.9646   
28800                     2049      0.3983   
28800 only                637       0.1238   
36000                     1187      0.2307   
36000 only                1176      0.2286   
43200                     35        0.0068   
43200 only                35        0.0068   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     51944     10.0962  
64800 only                51911     10.0898  
72000                     13        0.0025   
72000 only                13        0.0025   
86000                     31        0.006    
86000 only                31        0.006    
86400                     3546      0.6892   
86400 only                3543      0.6886   
100800                    11273     2.1911   
100800 only               11263     2.1892   
129600                    9         0.0017   
129600 only               9         0.0017   
172800                    7         0.0014   
172800 only               7         0.0014   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    2         0.0004   
432000 only               2         0.0004   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
2592000                   1         0.0002   
2592000 only              1         0.0002   
None                      166108    32.2859  
None only                 159631    31.027   

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      13099     2.546    
ecdsa-with-SHA256         36858     7.164    
sha1WithRSAEncryption     100797    19.5916  
sha256WithRSAEncryption   377291    73.3329  
sha384WithRSAEncryption   6         0.0012   
sha512WithRSAEncryption   26        0.0051   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 36891     7.1704   
ECDSA 384                 8         0.0016   
RSA 1024                  68        0.0132   
RSA 10240                 5         0.001    
RSA 2048                  459006    89.2156  
RSA 2049                  3         0.0006   
RSA 2056                  2         0.0004   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2078                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  6         0.0012   
RSA 2096                  2         0.0004   
RSA 2408                  1         0.0002   
RSA 2432                  2         0.0004   
RSA 2480                  1         0.0002   
RSA 2890                  1         0.0002   
RSA 3024                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  119       0.0231   
RSA 3248                  3         0.0006   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  26        0.0051   
RSA 4069                  2         0.0004   
RSA 4092                  6         0.0012   
RSA 4094                  1         0.0002   
RSA 4096                  18374     3.5713   
RSA 8192                  5         0.001    
RSA/ECDSA Dual Stack      44        0.0086

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 110108    21.4013  
Unsupported               404383    78.5987  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      25202     4.8984
SSL2 Only                 15        0.0029
SSL3                      126817    24.649
SSL3 Only                 549       0.1067
SSL3 or TLS1 Only         72846     14.1588
SSL3 or lower Only        571       0.111
TLS1                      510753    99.2735
TLS1 Only                 43061     8.3696
TLS1 or lower Only        96394     18.7358
TLS1.1                    405071    78.7324
TLS1.1 Only               30        0.0058
TLS1.1 or up Only         2939      0.5712
TLS1.2                    415131    80.6877
TLS1.2 Only               1267      0.2463
TLS1.2, 1.0 but not 1.1   11078     2.1532

Statistics from 481615 chains provided by 696385 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  438491    62.9667
incomplete                20877     2.9979
untrusted                 237017    34.0353

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         214       0.0444
3                         479299    99.5191
4                         2064      0.4286
5                         38        0.0079

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 21571     
ECDSA 384                 21574     
RSA 1024                  189       
RSA 2045                  3         
RSA 2048                  797792    
RSA 4096                  124027    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 21571     4.4789
ECDSA 384                 21574     4.4795
RSA 1024                  187       0.0388
RSA 2045                  3         0.0006
RSA 2048                  459556    95.4198
RSA 4096                  123505    25.6439

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              21569     
sha1WithRSAEncryption          87272     
sha256WithRSAEncryption        264799    
sha384WithRSAEncryption        109831    
sha512WithRSAEncryption        70        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        87432     18.1539
112                       372602    77.3651
128                       21581     4.481

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 102403    21.2624
(d6325660) COMODO RSA Certification Authority 101866    21.1509
(cbf06781) Go Daddy Root Certificate Authorit 47350     9.8315
(5ad8a5d6) GlobalSign Root CA                 41408     8.5977
(b204d74a) VeriSign Class 3 Public Primary Ce 26837     5.5723
(244b5494) DigiCert High Assurance EV Root CA 25125     5.2168
(2e4eed3c) thawte Primary Root CA             22902     4.7553
(eed8c118) COMODO ECC Certification Authority 21557     4.476
(653b494a) Baltimore CyberTrust Root          11908     2.4725
(157753a5) AddTrust External CA Root          10009     2.0782
(ae8153b9) StartCom Certification Authority   8637      1.7933
(fc5a8f99) USERTrust RSA Certification Author 7875      1.6351
(3513523f) DigiCert Global Root CA            7502      1.5577
(4bfab552) Starfield Root Certificate Authori 6246      1.2969
(480720ec) GeoTrust Primary Certification Aut 5252      1.0905
(f387163d) Starfield Technologies, Inc.       4889      1.0151


Scan performed between 18th and 28th of September 2015.
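
With only raw tables for this month, the trend has to be computed by hand. The following is an added example (not the survey's own tooling) that parses the fixed-width table format used on this page and compares a few September rows with the August tables further down. The function names are made up for this example, and the "PFS Percent" denominator (servers offering DHE or ECDHE) is inferred from the figures on this page, not documented by the author.

```python
import re

# Rows copied from the September and August 2015 tables on this page
# (a subset; paste the full tables to compare every row).
SEPTEMBER = """\
Supported Ciphers         Count     Percent
-------------------------+---------+-------
AES-GCM                   372880    72.4755
RC4                       231507    44.9973
RC4 Only                  1252      0.2433
z:EXP-EDH-RSA-DES-CBC-SHA 13136     2.5532

Supported Handshakes      Count     Percent
-------------------------+---------+-------
DHE                       282349    54.8793
ECDHE                     400761    77.8947

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               176947    34.3926  62.6696
DH,2048bits               97579     18.9661  34.5597
ECDH,P-192,192bits        2         0.0004   0.0005
ECDH,P-256,256bits        389270    75.6612  97.1327
"""

AUGUST = """\
Supported Ciphers         Count     Percent
-------------------------+---------+-------
AES-GCM                   363787    71.4217
RC4                       239979    47.1147
RC4 Only                  1395      0.2739
z:EXP-EDH-RSA-DES-CBC-SHA 13893     2.7276

Supported Handshakes      Count     Percent
-------------------------+---------+-------
DHE                       280098    54.9912
ECDHE                     390772    76.7196

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               187360    36.7841  66.8909
DH,2048bits               83731     16.4388  29.8935
ECDH,P-256,256bits        379964    74.5977  97.2342
"""


def parse_tables(text):
    """Return {table title: {row label: [count, percent, ...]}}.

    Labels contain spaces and can fill the whole first column, leaving a
    single space before the count, so the label width is taken from the
    position of the first '+' in the separator line instead of splitting
    on whitespace.
    """
    tables, lines, i = {}, text.splitlines(), 0
    while i + 1 < len(lines):
        sep = lines[i + 1].strip()
        if not re.fullmatch(r"-+(\+-+)+", sep):
            i += 1
            continue
        width = sep.index("+")
        title, rows = lines[i][:width].strip(), {}
        i += 2
        while i < len(lines) and lines[i].strip():
            rows[lines[i][:width].strip()] = [float(v) for v in lines[i][width:].split()]
            i += 1
        tables[title] = rows
    return tables


def delta_points(new, old, table, label):
    """Change of the Percent column in percentage points (new - old).

    Returns None when the row exists in only one scan, which happens for
    rare values such as unusual key sizes.
    """
    n, o = new[table].get(label), old[table].get(label)
    return None if n is None or o is None else round(n[1] - o[1], 4)


def pfs_share(tables, label):
    """Recompute 'PFS Percent': row count divided by the number of servers
    offering that key exchange (DHE for 'DH,' rows, ECDHE for 'ECDH,' rows)."""
    kex = "DHE" if label.removeprefix("Prefer ").startswith("DH,") else "ECDHE"
    count = tables["Supported PFS"][label][0]
    return round(100 * count / tables["Supported Handshakes"][kex][0], 4)


SEP, AUG = parse_tables(SEPTEMBER), parse_tables(AUGUST)

if __name__ == "__main__":
    for table, rows in SEP.items():
        for label in rows:
            d = delta_points(SEP, AUG, table, label)
            change = "not in August" if d is None else f"{d:+.4f} points"
            print(f"{table:22} {label:26} {change}")
    for label in SEP["Supported PFS"]:
        print(f"{label:26} share of its key exchange: {pfs_share(SEP, label)}%")
```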

August 2015 scan results

Another rather uneventful month: more TLS servers among the Alexa top 1 million and more support for AES-GCM, ECDHE and TLS1.2. Fewer servers have bad configurations: RC4 and other insecure ciphers, SSL2 and SSL3, SHA-1 certificates.

Cipher suites

AES in CBC mode remains unchanged, but we see continued growth of GCM, which gained another 2%. Despite its age, 3DES is still showing growth, with 1% more servers supporting it, likely because of the removal of RC4, which lost another 3% overall and 0.4% among servers which prefer it. There are still over 1300 servers among the Alexa top 1 million that support only RC4 (0.27% of total).

Similarly, the overall percentage of servers which support completely insecure ciphers has dropped by over 1.5%.

Despite FREAK and Logjam, over 6.5% of servers support export grade ciphers.

Key exchange

ECDHE support is still growing, although at a rather slow pace – this month 2.2% more servers were willing to use this mechanism. DHE has fallen by nearly 1.5%.

As always, the growth was fuelled by adding support for the P-256 curve.

Support for PFS, as well as preference for it, has grown, by just under 1% and 1.5% respectively.

Hash and signature algorithms

Unfortunately, the roll-out of TLS 1.2 also brings with it additional servers willing to negotiate the MD5 signature algorithm on ServerKeyExchange messages; this has grown by 1% month over month.

Support for SHA-256 has grown by 2%, so the deployment of more capable systems is at least higher.

Vulnerabilities

Support for insecure renegotiation is still at a fairly high level of 4%, falling by just 0.2% since last month.

Compression has fallen by the same amount, reducing the percentage of servers vulnerable to CRIME to 2.1%.

Certificates

Certificates using SHA-1 signatures have fallen by just over 6%, replaced mostly by RSA certificates signed with SHA-256, with some signed by ECDSA.

2048 bit RSA sees little change, towering at nearly 90% of all servers.

Protocols

SSLv2 and SSLv3 continue their journey down, at the same slow pace. But we are at a level of just 600 servers in the Alexa Top 1 million requiring use of SSLv3 to connect. Over 99% of servers support at least TLSv1.0.

At the same time, we have reached the milestone of “only one in five servers supporting TLSv1.0 as the highest protocol version”. We are just 0.3% shy of being able to say that 4 in 5 servers support TLSv1.2!

Results

SSL/TLS survey of 509351 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      435183    85.4387
3DES Only                 725       0.1423
AES                       500583    98.2786
AES Only                  18647     3.6609
AES-CBC                   500485    98.2594
AES-CBC Only              9344      1.8345
AES-GCM                   363787    71.4217
AES-GCM Only              37        0.0073
CAMELLIA                  225125    44.1984
CAMELLIA Only             3         0.0006
CHACHA20                  63145     12.3971
CHACHA20 Only             2         0.0004
Insecure                  67027     13.1593
RC4                       239979    47.1147
RC4 Only                  1395      0.2739
RC4 Preferred             29355     5.7632
RC4 forced in TLS1.1+     16525     3.2443
x:FF 29 RC4 Only          1696      0.333
x:FF 29 RC4 Preferred     33338     6.5452
x:FF 29 incompatible      107       0.021
x:FF 35 RC4 Only          2022      0.397
x:FF 35 RC4 Preferred     33466     6.5703
x:FF 35 incompatible      112       0.022
y:DHE-RSA-SEED-SHA        85997     16.8836
y:IDEA-CBC-SHA            78567     15.4249
y:SEED-SHA                95725     18.7935
z:ADH-AES128-GCM-SHA256   290       0.0569
z:ADH-AES128-SHA          690       0.1355
z:ADH-AES128-SHA256       194       0.0381
z:ADH-AES256-GCM-SHA384   300       0.0589
z:ADH-AES256-SHA          701       0.1376
z:ADH-AES256-SHA256       196       0.0385
z:ADH-CAMELLIA128-SHA     306       0.0601
z:ADH-CAMELLIA256-SHA     312       0.0613
z:ADH-DES-CBC-SHA         295       0.0579
z:ADH-DES-CBC3-SHA        712       0.1398
z:ADH-RC4-MD5             569       0.1117
z:ADH-SEED-SHA            230       0.0452
z:AECDH-AES128-SHA        13191     2.5898
z:AECDH-AES256-SHA        13214     2.5943
z:AECDH-DES-CBC3-SHA      13149     2.5815
z:AECDH-NULL-SHA          51        0.01
z:AECDH-RC4-SHA           12459     2.4461
z:DES-CBC-MD5             12757     2.5046
z:DES-CBC-SHA             38652     7.5885
z:DES-CBC3-MD5            25783     5.0619
z:ECDHE-RSA-NULL-SHA      60        0.0118
z:EDH-RSA-DES-CBC-SHA     33192     6.5165
z:EXP-ADH-DES-CBC-SHA     214       0.042
z:EXP-ADH-RC4-MD5         213       0.0418
z:EXP-DES-CBC-SHA         17083     3.3539
z:EXP-EDH-RSA-DES-CBC-SHA 13893     2.7276
z:EXP-RC2-CBC-MD5         20743     4.0724
z:EXP-RC4-MD5             21811     4.2821
z:EXP1024-DES-CBC-SHA     5319      1.0443
z:EXP1024-RC4-SHA         5395      1.0592
z:IDEA-CBC-MD5            2435      0.4781
z:NULL-MD5                230       0.0452
z:NULL-SHA                232       0.0455
z:NULL-SHA256             22        0.0043
z:RC2-CBC-MD5             13042     2.5605
z:RC4-64-MD5              1052      0.2065

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               130864    25.6923
Server side               378487    74.3077

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       817       0.1604
AECDH                     13248     2.601
DHE                       280098    54.9912
ECDH                      3         0.0006
ECDHE                     390772    76.7196
ECDHE and DHE             205466    40.3388
RSA                       463146    90.9287

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               187360    36.7841  66.8909
DH,1536bits               2         0.0004   0.0007
DH,2048bits               83731     16.4388  29.8935
DH,2236bits               3         0.0006   0.0011
DH,3072bits               2656      0.5214   0.9482
DH,3092bits               1         0.0002   0.0004
DH,4096bits               5788      1.1363   2.0664
DH,512bits                59        0.0116   0.0211
DH,768bits                553       0.1086   0.1974
DH,8192bits               2         0.0004   0.0007
ECDH,B-163,163bits        1         0.0002   0.0003
ECDH,B-571,570bits        1431      0.2809   0.3662
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-224,224bits        83        0.0163   0.0212
ECDH,P-256,256bits        379964    74.5977  97.2342
ECDH,P-384,384bits        2696      0.5293   0.6899
ECDH,P-521,521bits        7641      1.5001   1.9554
Prefer DH,1024bits        70139     13.7703  25.0409
Prefer DH,1536bits        1         0.0002   0.0004
Prefer DH,2048bits        6067      1.1911   2.166
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        21        0.0041   0.0075
Prefer DH,4096bits        310       0.0609   0.1107
Prefer DH,768bits         170       0.0334   0.0607
Prefer ECDH,B-163,163bits 1         0.0002   0.0003
Prefer ECDH,B-571,570bits 1231      0.2417   0.315
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 49        0.0096   0.0125
Prefer ECDH,P-256,256bits 327275    64.2533  83.7509
Prefer ECDH,P-384,384bits 2552      0.501    0.6531
Prefer ECDH,P-521,521bits 6909      1.3564   1.768
Prefer PFS                414728    81.4228  0
Support PFS               465404    91.372   0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           1013      0.1989   
brainpoolP384r1           1014      0.1991   
brainpoolP512r1           1015      0.1993   
prime192v1                1346      0.2643   
prime256v1                389473    76.4646  
prime256v1 Only           338238    66.4057  
secp160k1                 1313      0.2578   
secp160r1                 1315      0.2582   
secp160r2                 1312      0.2576   
secp192k1                 1335      0.2621   
secp224k1                 1403      0.2754   
secp224r1                 3044      0.5976   
secp224r1 Only            2         0.0004   
secp256k1                 2305      0.4525   
secp384r1                 51317     10.075   
secp384r1 Only            330       0.0648   
secp521r1                 20958     4.1146   
secp521r1 Only            124       0.0243   
sect163k1                 1322      0.2595   
sect163k1 Only            2         0.0004   
sect163r1                 1320      0.2592   
sect163r2                 1319      0.259    
sect163r2 Only            1         0.0002   
sect193r1                 1316      0.2584   
sect193r2                 1315      0.2582   
sect233k1                 1395      0.2739   
sect233r1                 1395      0.2739   
sect239k1                 1394      0.2737   
sect283k1                 2280      0.4476   
sect283r1                 2279      0.4474   
sect409k1                 2281      0.4478   
sect409r1                 2278      0.4472   
sect571k1                 2291      0.4498   
sect571r1                 2290      0.4496   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          76188     14.9579  
True                           263977    51.8261  
order-specific                 263       0.0516   
unknown                        168923    33.1644  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    3661      0.7188   
inconclusive-noecc        9         0.0018   
server                    386286    75.8389  
unknown                   119395    23.4406  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     35626     6.9944   
ECDSA-SHA1 Only                4         0.0008   
ECDSA-SHA224                   35618     6.9928   
ECDSA-SHA256                   35628     6.9948   
ECDSA-SHA384                   35625     6.9942   
ECDSA-SHA512                   35631     6.9954   
ECDSA-SHA512 Only              6         0.0012   
RSA-MD5                        165235    32.4403  
RSA-SHA1                       341873    67.1193  
RSA-SHA1 Only                  46530     9.1352   
RSA-SHA224                     277602    54.5011  
RSA-SHA256                     301111    59.1166  
RSA-SHA256 Only                4859      0.954    
RSA-SHA384                     278555    54.6882  
RSA-SHA512                     278643    54.7055  
RSA-SHA512 Only                93        0.0183   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         243146    47.7364  
indeterminate                  8         0.0016   
intolerant                     3556      0.6981   
order-fallback                 16        0.0031   
server                         136828    26.8632  
unsupported                    22608     4.4386   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     35612     6.9916   
ECDSA intolerant               39        0.0077   
RSA False                      163780    32.1546  
RSA SHA1                       152230    29.8871  
RSA intolerant                 30949     6.0762   
RSA soft-nopfs                 1543      0.3029   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     6729      1.3211   
insecure                  20615     4.0473   
secure                    482007    94.6316  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      10877     2.1355   
False                     6729      1.3211   
NONE                      491745    96.5434  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         4         0.0008   
5 only                    4         0.0008   
10                        7         0.0014   
10 only                   7         0.0014   
15                        10        0.002    
15 only                   10        0.002    
30                        10        0.002    
30 only                   9         0.0018   
60                        100       0.0196   
60 only                   92        0.0181   
65                        1         0.0002   
65 only                   1         0.0002   
70                        6         0.0012   
100                       12        0.0024   
100 only                  12        0.0024   
120                       32        0.0063   
120 only                  32        0.0063   
128                       3         0.0006   
128 only                  3         0.0006   
150                       2         0.0004   
180                       52        0.0102   
180 only                  50        0.0098   
240                       14        0.0027   
240 only                  14        0.0027   
300                       227236    44.6129  
300 only                  222350    43.6536  
302                       1         0.0002   
302 only                  1         0.0002   
360                       3         0.0006   
360 only                  1         0.0002   
400                       7         0.0014   
400 only                  7         0.0014   
420                       113       0.0222   
420 only                  82        0.0161   
450                       1         0.0002   
450 only                  1         0.0002   
480                       12        0.0024   
480 only                  12        0.0024   
500                       4         0.0008   
500 only                  4         0.0008   
540                       1         0.0002   
540 only                  1         0.0002   
600                       23677     4.6485   
600 only                  23483     4.6104   
720                       1         0.0002   
720 only                  1         0.0002   
840                       2         0.0004   
840 only                  2         0.0004   
900                       664       0.1304   
900 only                  648       0.1272   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      1996      0.3919   
1200 only                 1989      0.3905   
1500                      8         0.0016   
1500 only                 7         0.0014   
1800                      449       0.0882   
1800 only                 441       0.0866   
2400                      6         0.0012   
2400 only                 6         0.0012   
2700                      6         0.0012   
2700 only                 6         0.0012   
3000                      20        0.0039   
3000 only                 20        0.0039   
3600                      463       0.0909   
3600 only                 439       0.0862   
3900                      1         0.0002   
3900 only                 1         0.0002   
5400                      15        0.0029   
5400 only                 5         0.001    
6000                      6         0.0012   
6000 only                 6         0.0012   
7200                      15785     3.099    
7200 only                 15761     3.0943   
10800                     2395      0.4702   
10800 only                2391      0.4694   
14400                     73        0.0143   
14400 only                73        0.0143   
18000                     14        0.0027   
18000 only                14        0.0027   
21600                     5069      0.9952   
21600 only                5067      0.9948   
28800                     1936      0.3801   
28800 only                846       0.1661   
36000                     1219      0.2393   
36000 only                1212      0.2379   
43200                     32        0.0063   
43200 only                32        0.0063   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     50264     9.8682   
64800 only                50206     9.8569   
72000                     10        0.002    
72000 only                10        0.002    
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     37        0.0073   
86000 only                37        0.0073   
86400                     3516      0.6903   
86400 only                3515      0.6901   
100800                    12467     2.4476   
100800 only               12460     2.4463   
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    7         0.0014   
129600 only               7         0.0014   
172800                    8         0.0016   
172800 only               8         0.0016   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    2         0.0004   
432000 only               2         0.0004   
604800                    1         0.0002   
864000                    2         0.0004   
864000 only               2         0.0004   
2592000                   1         0.0002   
2592000 only              1         0.0002   
None                      167946    32.9725  
None only                 161562    31.7192  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      13903     2.7296   
ecdsa-with-SHA256         35609     6.9911   
sha1WithRSAEncryption     118117    23.1897  
sha256WithRSAEncryption   355741    69.842   
sha384WithRSAEncryption   5         0.001    
sha512WithRSAEncryption   17        0.0033   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 35649     6.9989   
ECDSA 384                 6         0.0012   
ECDSA 521                 1         0.0002   
RSA 1024                  81        0.0159   
RSA 10240                 7         0.0014   
RSA 2048                  455461    89.4199  
RSA 2049                  3         0.0006   
RSA 2056                  2         0.0004   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  5         0.001    
RSA 2408                  1         0.0002   
RSA 2432                  2         0.0004   
RSA 2480                  1         0.0002   
RSA 2890                  1         0.0002   
RSA 3071                  2         0.0004   
RSA 3072                  111       0.0218   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  25        0.0049   
RSA 4069                  3         0.0006   
RSA 4086                  2         0.0004   
RSA 4092                  6         0.0012   
RSA 4094                  1         0.0002   
RSA 4096                  18024     3.5386   
RSA 8192                  5         0.001    
RSA/ECDSA Dual Stack      50        0.0098

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 109199    21.4389  
Unsupported               400152    78.5611  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      26076     5.1195
SSL2 Only                 24        0.0047
SSL3                      130306    25.5828
SSL3 Only                 584       0.1147
SSL3 or TLS1 Only         75720     14.866
SSL3 or lower Only        607       0.1192
TLS1                      506048    99.3515
TLS1 Only                 44327     8.7026
TLS1 or lower Only        100132    19.6587
TLS1.1                    396444    77.8332
TLS1.1 Only               30        0.0059
TLS1.1 or up Only         2473      0.4855
TLS1.2                    406149    79.7385
TLS1.2 Only               1063      0.2087
TLS1.2, 1.0 but not 1.1   11004     2.1604

Statistics from 528021 chains provided by 691201 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  479672    69.3969
incomplete                23576     3.4109
untrusted                 187953    27.1922

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         269       0.0509
3                         525613    99.544
4                         2106      0.3988
5                         33        0.0062

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 35610     
ECDSA 384                 35613     
RSA 1024                  255       
RSA 2045                  1         
RSA 2048                  860646    
RSA 4096                  125820    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 35610     6.744
ECDSA 384                 35613     6.7446
RSA 1024                  253       0.0479
RSA 2045                  1         0.0002
RSA 2048                  491885    93.1563
RSA 4096                  125302    23.7305

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              35609     
sha1WithRSAEncryption          136788    
sha256WithRSAEncryption        246213    
sha384WithRSAEncryption        111253    
sha512WithRSAEncryption        61        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        137062    25.9577
112                       355341    67.2968
128                       35618     6.7456

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 109891    20.8119
(d6325660) COMODO RSA Certification Authority 103786    19.6557
(5ad8a5d6) GlobalSign Root CA                 51859     9.8214
(cbf06781) Go Daddy Root Certificate Authorit 48094     9.1083
(eed8c118) COMODO ECC Certification Authority 35597     6.7416
(b204d74a) VeriSign Class 3 Public Primary Ce 30261     5.731
(244b5494) DigiCert High Assurance EV Root CA 26028     4.9293
(2e4eed3c) thawte Primary Root CA             24484     4.6369
(157753a5) AddTrust External CA Root          12314     2.3321
(653b494a) Baltimore CyberTrust Root          12080     2.2878
(ae8153b9) StartCom Certification Authority   9217      1.7456
(3513523f) DigiCert Global Root CA            7329      1.388
(fc5a8f99) USERTrust RSA Certification Author 7360      1.3939
(4bfab552) Starfield Root Certificate Authori 6079      1.1513
(f081611a) The Go Daddy Group, Inc.           5382      1.0193
(480720ec) GeoTrust Primary Certification Aut 5448      1.0318
(f387163d) Starfield Technologies, Inc.       5310      1.0056


Scan performed between 17th of August and 4th of September 2015.

July 2015 scan results

The number of servers with trusted certificates is rising again, but it’s not yet at the May levels. This month is mostly just a continuation of established trends. One significant change is that I’ve used the most recent Mozilla trust list, with a few 1024-bit root CAs removed, causing the average length of the certificate chain to drop significantly.

Cipher suites

A bit surprisingly, 3DES use has grown by 1%, likely as a result of servers still worrying about compatibility with Windows XP when deprecating RC4 ciphers (those are down by nearly 3%).

Support for AES remains strong. Its CBC mode doesn’t have much space to grow, continuing to hover at around 98%. GCM mode has grown by just under 3%.

RC4 cipher market share is just over the 50% mark due to a nearly 3% drop since last month. The count of servers that support only this cipher has also gone down, with just 1484 servers supporting only this cipher in the Alexa top 1 million. Unfortunately, the number of servers which prefer RC4 and which use it even in TLS1.1 or later is largely unchanged, falling by just 0.4% and 0.2% respectively.

Completely insecure ciphers also remain unchanged, with a decrease of just 0.5%.

Nearly 7% of servers still support the Logjam-vulnerable export-grade ciphersuites, a decrease of less than 0.2%.

Key exchange

ECDHE support is still growing, this month increasing by over 2.2% and reaching nearly 75%. As usual, the change is due to increased support for the NIST P-256 curve, both in general as well as for preferred ciphersuites.

DHE support remains unchanged.

Nearly 80% of servers now prefer PFS key exchange and just over 90% support it.

This is also the first month where there are no servers which prefer key exchange with 512-bit DHE! (Last month there were just two, so it’s not a big change…)

Hash and signature algorithms

No landslides here either. Both support for RSA-MD5 as well as RSA-MD5 keeps growing (by just under 1% and 2% respectively), while support for the more secure RSA-SHA256 is growing much more slowly, with just a 1.3% increase.

Vulnerabilities

The numbers of servers missing secure renegotiation indication and of servers vulnerable to CRIME are falling rather slowly, with nearly insignificant decreases.

Certificates

Certificates signed with SHA256 are clearly gaining, with a 3% increase since last month. SHA-1 is also nicely falling, reaching the 30% mark now.

Still, most of those newly deployed certificates are using 2048-bit RSA keys, as those have decreased by just 0.3%.

We will also most likely see, for the first time, fewer than 100 servers using just 1024-bit RSA certificates.

As I’ve updated the Mozilla trust store, the average length of the trust chain has decreased, with over 99% of servers using just one intermediate certificate. At the same time, the number of CAs above the 1% mark has grown by 4.

Protocols

The SSLv3 and SSLv2 protocols keep up their slow deprecation walk, with decreases of just 1% and 0.2% respectively. Thankfully, the vast majority of the servers supporting them also support at least TLSv1.0, with just 735 servers supporting SSLv3 at most (a decrease of 0.04% since last month).

TLS1.2 market penetration is also reaching new heights, with 78% of servers supporting this protocol, but its adoption is also rather slow, with an increase of just 1.1%.

Results

SSL/TLS survey of 501992 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      424054    84.4743
3DES Only                 812       0.1618
AES                       492491    98.1073
AES Only                  17862     3.5582
AES-CBC                   492390    98.0872
AES-CBC Only              9258      1.8443
AES-GCM                   347128    69.1501
AES-GCM Only              41        0.0082
CAMELLIA                  223605    44.5435
CAMELLIA Only             1         0.0002
CHACHA20                  60925     12.1366
Insecure                  74098     14.7608
RC4                       254399    50.6779
RC4 Only                  1484      0.2956
RC4 Preferred             31098     6.1949
RC4 forced in TLS1.1+     17264     3.4391
x:FF 29 RC4 Only          1823      0.3632
x:FF 29 RC4 Preferred     35210     7.0141
x:FF 29 incompatible      101       0.0201
x:FF 35 RC4 Only          2132      0.4247
x:FF 35 RC4 Preferred     35335     7.039
x:FF 35 incompatible      103       0.0205
y:DHE-RSA-SEED-SHA        90992     18.1262
y:IDEA-CBC-SHA            79674     15.8716
y:SEED-SHA                97028     19.3286
z:ADH-AES128-GCM-SHA256   289       0.0576
z:ADH-AES128-SHA          1315      0.262
z:ADH-AES128-SHA256       198       0.0394
z:ADH-AES256-GCM-SHA384   302       0.0602
z:ADH-AES256-SHA          1320      0.263
z:ADH-AES256-SHA256       200       0.0398
z:ADH-CAMELLIA128-SHA     897       0.1787
z:ADH-CAMELLIA256-SHA     902       0.1797
z:ADH-DES-CBC-SHA         338       0.0673
z:ADH-DES-CBC3-SHA        1333      0.2655
z:ADH-RC4-MD5             1206      0.2402
z:ADH-SEED-SHA            827       0.1647
z:AECDH-AES128-SHA        17845     3.5548
z:AECDH-AES256-SHA        17865     3.5588
z:AECDH-DES-CBC3-SHA      17799     3.5457
z:AECDH-NULL-SHA          50        0.01
z:AECDH-RC4-SHA           17077     3.4018
z:DES-CBC-MD5             13569     2.703
z:DES-CBC-SHA             40067     7.9816
z:DES-CBC3-MD5            26983     5.3752
z:ECDHE-RSA-NULL-SHA      61        0.0122
z:EDH-RSA-DES-CBC-SHA     34341     6.8409
z:EXP-ADH-DES-CBC-SHA     240       0.0478
z:EXP-ADH-RC4-MD5         240       0.0478
z:EXP-DES-CBC-SHA         18671     3.7194
z:EXP-EDH-RSA-DES-CBC-SHA 15391     3.066
z:EXP-RC2-CBC-MD5         22650     4.512
z:EXP-RC4-MD5             23797     4.7405
z:EXP1024-DES-CBC-SHA     5785      1.1524
z:EXP1024-RC4-SHA         5862      1.1677
z:IDEA-CBC-MD5            2484      0.4948
z:NULL-MD5                265       0.0528
z:NULL-SHA                267       0.0532
z:NULL-SHA256             19        0.0038
z:RC2-CBC-MD5             13857     2.7604
z:RC4-64-MD5              1138      0.2267

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               130910    26.0781
Server side               371082    73.9219

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1436      0.2861
AECDH                     17905     3.5668
DHE                       283230    56.4212
ECDH                      1         0.0002
ECDHE                     373639    74.4313
ECDHE and DHE             201985    40.2367
RSA                       459592    91.5537

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               204984    40.8341  72.3737
DH,1536bits               2         0.0004   0.0007
DH,2048bits               70215     13.9873  24.7908
DH,2236bits               3         0.0006   0.0011
DH,2430bits               1         0.0002   0.0004
DH,2432bits               1         0.0002   0.0004
DH,3072bits               2679      0.5337   0.9459
DH,4096bits               4693      0.9349   1.657
DH,512bits                76        0.0151   0.0268
DH,768bits                622       0.1239   0.2196
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        1         0.0002   0.0003
ECDH,B-571,570bits        1404      0.2797   0.3758
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-192,192bits        2         0.0004   0.0005
ECDH,P-224,224bits        72        0.0143   0.0193
ECDH,P-256,256bits        363944    72.5     97.4052
ECDH,P-384,384bits        3765      0.75     1.0077
ECDH,P-521,521bits        6951      1.3847   1.8604
Prefer DH,1024bits        78380     15.6138  27.6736
Prefer DH,1536bits        1         0.0002   0.0004
Prefer DH,2048bits        3926      0.7821   1.3862
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        31        0.0062   0.0109
Prefer DH,4096bits        150       0.0299   0.053
Prefer DH,768bits         228       0.0454   0.0805
Prefer ECDH,B-163,163bits 1         0.0002   0.0003
Prefer ECDH,B-571,570bits 1210      0.241    0.3238
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 42        0.0084   0.0112
Prefer ECDH,P-256,256bits 308148    61.385   82.4721
Prefer ECDH,P-384,384bits 2291      0.4564   0.6132
Prefer ECDH,P-521,521bits 6402      1.2753   1.7134
Prefer PFS                400812    79.8443  0
Support PFS               454884    90.6158  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           405       0.0807   
brainpoolP384r1           405       0.0807   
brainpoolP512r1           405       0.0807   
prime192v1                1373      0.2735   
prime256v1                372791    74.2623  
prime256v1 Only           323403    64.4239  
secp160k1                 1334      0.2657   
secp160r1                 1338      0.2665   
secp160r2                 1334      0.2657   
secp192k1                 1358      0.2705   
secp224k1                 1414      0.2817   
secp224r1                 2898      0.5773   
secp224r1 Only            2         0.0004   
secp256k1                 1708      0.3402   
secp384r1                 49700     9.9006   
secp384r1 Only            314       0.0626   
secp521r1                 17736     3.5331   
secp521r1 Only            116       0.0231   
sect163k1                 1337      0.2663   
sect163k1 Only            2         0.0004   
sect163r1                 1335      0.2659   
sect163r2                 1336      0.2661   
sect163r2 Only            1         0.0002   
sect193r1                 1334      0.2657   
sect193r2                 1333      0.2655   
sect233k1                 1402      0.2793   
sect233r1                 1402      0.2793   
sect239k1                 1401      0.2791   
sect283k1                 1678      0.3343   
sect283r1                 1678      0.3343   
sect409k1                 1678      0.3343   
sect409r1                 1678      0.3343   
sect571k1                 1692      0.3371   
sect571r1                 1691      0.3369   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          83042     16.5425  
True                           242989    48.405   
order-specific                 27        0.0054   
unknown                        175934    35.0472  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    3093      0.6161   
inconclusive-noecc        24        0.0048   
server                    370124    73.7311  
unknown                   128751    25.648   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     33890     6.7511   
ECDSA-SHA1 Only                2         0.0004   
ECDSA-SHA224                   33884     6.7499   
ECDSA-SHA256                   33890     6.7511   
ECDSA-SHA384                   33889     6.7509   
ECDSA-SHA512                   33893     6.7517   
ECDSA-SHA512 Only              4         0.0008   
RSA-MD5                        157874    31.4495  
RSA-SHA1                       329494    65.6373  
RSA-SHA1 Only                  48447     9.651    
RSA-SHA224                     265179    52.8253  
RSA-SHA256                     286453    57.0633  
RSA-SHA256 Only                4521      0.9006   
RSA-SHA384                     266091    53.007   
RSA-SHA512                     266166    53.022   
RSA-SHA512 Only                71        0.0141   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         233019    46.4189  
indeterminate                  10        0.002    
intolerant                     3229      0.6432   
order-fallback                 23        0.0046   
server                         132720    26.4387  
unsupported                    23607     4.7027   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     33882     6.7495   
ECDSA intolerant               21        0.0042   
RSA False                      153463    30.5708  
RSA SHA1                       148645    29.611   
RSA intolerant                 28673     5.7118   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 4517      0.8998   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     7266      1.4474   
insecure                  21303     4.2437   
secure                    473423    94.3089  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      11567     2.3042   
False                     7266      1.4474   
NONE                      483159    96.2483  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         2         0.0004   
5 only                    2         0.0004   
10                        7         0.0014   
10 only                   7         0.0014   
15                        9         0.0018   
15 only                   9         0.0018   
30                        12        0.0024   
30 only                   12        0.0024   
60                        106       0.0211   
60 only                   99        0.0197   
70                        7         0.0014   
100                       12        0.0024   
100 only                  12        0.0024   
120                       28        0.0056   
120 only                  28        0.0056   
128                       3         0.0006   
128 only                  3         0.0006   
150                       2         0.0004   
180                       47        0.0094   
180 only                  45        0.009    
240                       10        0.002    
240 only                  10        0.002    
300                       220792    43.9832  
300 only                  215544    42.9377  
400                       8         0.0016   
400 only                  8         0.0016   
420                       117       0.0233   
420 only                  79        0.0157   
480                       13        0.0026   
480 only                  13        0.0026   
500                       5         0.001    
500 only                  5         0.001    
540                       1         0.0002   
540 only                  1         0.0002   
600                       22097     4.4019   
600 only                  21925     4.3676   
720                       3         0.0006   
720 only                  2         0.0004   
900                       597       0.1189   
900 only                  577       0.1149   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      1891      0.3767   
1200 only                 1887      0.3759   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      9         0.0018   
1500 only                 8         0.0016   
1800                      414       0.0825   
1800 only                 407       0.0811   
2400                      6         0.0012   
2400 only                 5         0.001    
2700                      6         0.0012   
2700 only                 6         0.0012   
3000                      21        0.0042   
3000 only                 21        0.0042   
3300                      1         0.0002   
3300 only                 1         0.0002   
3600                      428       0.0853   
3600 only                 415       0.0827   
3900                      2         0.0004   
3900 only                 2         0.0004   
4200                      1         0.0002   
5400                      18        0.0036   
5400 only                 3         0.0006   
6000                      4         0.0008   
6000 only                 4         0.0008   
7200                      15459     3.0795   
7200 only                 12872     2.5642   
10800                     2078      0.414    
10800 only                2074      0.4132   
14400                     77        0.0153   
14400 only                77        0.0153   
18000                     17        0.0034   
18000 only                17        0.0034   
21600                     5026      1.0012   
21600 only                5024      1.0008   
28800                     2346      0.4673   
28800 only                1578      0.3143   
36000                     1236      0.2462   
36000 only                1230      0.245    
43200                     26        0.0052   
43200 only                26        0.0052   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     47900     9.542    
64800 only                47888     9.5396   
72000                     12        0.0024   
72000 only                12        0.0024   
86000                     41        0.0082   
86000 only                41        0.0082   
86400                     3432      0.6837   
86400 only                3430      0.6833   
100800                    12605     2.511    
100800 only               12595     2.509    
115200                    1         0.0002   
115200 only               1         0.0002   
129600                    7         0.0014   
129600 only               7         0.0014   
172800                    8         0.0016   
172800 only               8         0.0016   
604800                    2         0.0004   
604800 only               2         0.0004   
864000                    2         0.0004   
864000 only               2         0.0004   
None                      173956    34.6531  
None only                 165035    32.876   

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      18593     3.7038   
ecdsa-with-SHA256         33851     6.7433   
sha1WithRSAEncryption     147349    29.3529  
sha256WithRSAEncryption   320910    63.9273  
sha384WithRSAEncryption   4         0.0008   
sha512WithRSAEncryption   9         0.0018   

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 33898     6.7527   
ECDSA 384                 7         0.0014   
RSA 1024                  106       0.0211   
RSA 10240                 5         0.001    
RSA 2047                  1         0.0002   
RSA 2048                  450327    89.708   
RSA 2049                  3         0.0006   
RSA 2056                  2         0.0004   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  6         0.0012   
RSA 2096                  1         0.0002   
RSA 2408                  1         0.0002   
RSA 2432                  4         0.0008   
RSA 2612                  2         0.0004   
RSA 2848                  1         0.0002   
RSA 3024                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  118       0.0235   
RSA 3096                  1         0.0002   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 4042                  1         0.0002   
RSA 4048                  1         0.0002   
RSA 4056                  22        0.0044   
RSA 4069                  1         0.0002   
RSA 4086                  1         0.0002   
RSA 4092                  6         0.0012   
RSA 4094                  1         0.0002   
RSA 4096                  17521     3.4903   
RSA 8192                  7         0.0014   
RSA/ECDSA Dual Stack      56        0.0112

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 101152    20.1501  
Unsupported               400840    79.8499  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      27268     5.432
SSL2 Only                 24        0.0048
SSL3                      136796    27.2506
SSL3 Only                 707       0.1408
SSL3 or TLS1 Only         80735     16.0829
SSL3 or lower Only        735       0.1464
TLS1                      498809    99.3659
TLS1 Only                 47086     9.3798
TLS1 or lower Only        106223    21.1603
TLS1.1                    382607    76.2177
TLS1.1 Only               28        0.0056
TLS1.1 or up Only         2220      0.4422
TLS1.2                    392594    78.2072
TLS1.2 Only               994       0.198
TLS1.2, 1.0 but not 1.1   11334     2.2578

Statistics from 526034 chains provided by 685991 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  475051    69.2503
incomplete                24873     3.6258
untrusted                 186067    27.1238

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         327       0.0622
3                         523536    99.5251
4                         2138      0.4064
5                         33        0.0063

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 33853     
ECDSA 384                 33855     
RSA 1024                  308       
RSA 2045                  1         
RSA 2048                  866336    
RSA 4096                  119592    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 33853     6.4355
ECDSA 384                 33855     6.4359
RSA 1024                  306       0.0582
RSA 2045                  1         0.0002
RSA 2048                  491599    93.4538
RSA 4096                  119050    22.6316

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              33853     
sha1WithRSAEncryption          162869    
sha256WithRSAEncryption        225699    
sha384WithRSAEncryption        105464    
sha512WithRSAEncryption        26        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        163116    31.0086
112                       329059    62.5547
128                       33859     6.4367

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 112037    21.2984
(d6325660) COMODO RSA Certification Authority 98541     18.7328
(5ad8a5d6) GlobalSign Root CA                 51559     9.8015
(cbf06781) Go Daddy Root Certificate Authorit 47005     8.9357
(eed8c118) COMODO ECC Certification Authority 33844     6.4338
(b204d74a) VeriSign Class 3 Public Primary Ce 30749     5.8454
(2e4eed3c) thawte Primary Root CA             25383     4.8254
(244b5494) DigiCert High Assurance EV Root CA 25365     4.8219
(157753a5) AddTrust External CA Root          15024     2.8561
(653b494a) Baltimore CyberTrust Root          11832     2.2493
(ae8153b9) StartCom Certification Authority   9405      1.7879
(3513523f) DigiCert Global Root CA            6987      1.3282
(fc5a8f99) USERTrust RSA Certification Author 6820      1.2965
(f081611a) The Go Daddy Group, Inc.           6456      1.2273
(480720ec) GeoTrust Primary Certification Aut 5857      1.1134
(f387163d) Starfield Technologies, Inc.       5842      1.1106
(4bfab552) Starfield Root Certificate Authori 5499      1.0454


Scan performed between 14th and 24th of July 2015.


June 2015 scan results

This month we have a small decrease in the overall number of servers which support the TLS protocol, down by 1.5%. This gives less than half a million servers supporting secure communication in the Alexa top 1 million sites.

Cipher suites

We have very small changes in the ciphers used; all secure cipher types have gained below 0.5% each.

Surprisingly, there have been 22 servers which supported just ChaCha20 based ciphers.

Use of insecure ciphers is also mostly constant, losing about 0.2%. RC4 use has also decreased, with 2% fewer servers supporting this cipher, and the number of servers which support only this cipher has fallen by another 328, bringing the overall number to just over 1.7 thousand servers. Servers which prefer RC4 ciphers have also decreased by 1.1%, most of it – 0.8% – driven by servers which no longer prefer RC4 with TLS1.1 and later protocols.

Cipher ordering remains unchanged, with server side ordering gaining less than 0.1%.

Key exchange

Support for ECDHE key exchange has grown by over 2.2%, nearly all of it caused by added support and preference for the NIST P-256 curve.

The net effect was an increase of 1.2% in ciphersuites providing forward secrecy.

Hash and signature algorithms

Overall the changes were not drastic. Support for MD5-RSA unfortunately keeps rising, this month by 1.3%. Support for SHA1-RSA has also increased by 2%. Support for the secure SHA256-RSA has grown by 2.3%, so at least it’s growing faster than the others.

Client ordering of signature algorithms has grown by 2.4%, while server side ordering has lost 0.8%.

The majority of servers still either force use of SHA1 or abort the connection in case the client didn’t advertise acceptable signature algorithms.

Vulnerabilities

Support for both insecure renegotiation and compression is still relatively high, at 4.44% and 2.45% respectively, falling by less than 0.4% and 0.1% month-on-month.

Many servers are also still vulnerable to Logjam, with over 3.2% of servers still using export grade DHE ciphersuites, a decrease of only 0.22%.

Certificates

SHA-1 use keeps falling, but with slightly less vigour – this month saw just a 5.1% decrease.

The vast majority of those certificates were replaced by SHA-256 RSA signatures, bringing its overall market share to just above 60%.

2048 bit RSA still remains the server key type of choice, with just under 90% of server administrators opting for it.

Protocols

Use of SSL 2 and SSL 3, despite their insecurity, still remains high, with 5.7% supporting the former and 28.2% the latter, a decrease of 0.16% and 0.04% respectively.

Fortunately, just 919 servers (0.18% of total) support just those two protocols.

TLS1.0 support keeps dropping, albeit at a very slow pace (0.1% decrease), and is still above 99%.

TLS1.2 support increased by 0.8%, reaching 77%.

Results

SSL/TLS survey of 496355 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      414245    83.4574
3DES Only                 840       0.1692
AES                       485964    97.9065
AES Only                  17816     3.5894
AES-CBC                   485837    97.881
AES-CBC Only              9490      1.9119
AES-GCM                   331682    66.8235
AES-GCM Only              32        0.0064
CAMELLIA                  216922    43.703
CAMELLIA Only             4         0.0008
CHACHA20                  58723     11.8308
CHACHA20 Only             22        0.0044
Insecure                  75670     15.2451
RC4                       263495    53.086
RC4 Only                  1710      0.3445
RC4 Preferred             33485     6.7462
RC4 forced in TLS1.1+     18129     3.6524
x:FF 29 RC4 Only          2047      0.4124
x:FF 29 RC4 Preferred     37569     7.569
x:FF 29 incompatible      124       0.025
x:FF 35 RC4 Only          2377      0.4789
x:FF 35 RC4 Preferred     37715     7.5984
x:FF 35 incompatible      128       0.0258
y:DHE-RSA-SEED-SHA        101229    20.3945
y:IDEA-CBC-SHA            85830     17.2921
y:SEED-SHA                103066    20.7646
z:ADH-AES128-GCM-SHA256   311       0.0627
z:ADH-AES128-SHA          1107      0.223
z:ADH-AES128-SHA256       213       0.0429
z:ADH-AES256-GCM-SHA384   318       0.0641
z:ADH-AES256-SHA          1115      0.2246
z:ADH-AES256-SHA256       215       0.0433
z:ADH-CAMELLIA128-SHA     669       0.1348
z:ADH-CAMELLIA256-SHA     677       0.1364
z:ADH-DES-CBC-SHA         349       0.0703
z:ADH-DES-CBC3-SHA        1128      0.2273
z:ADH-RC4-MD5             1007      0.2029
z:ADH-SEED-SHA            605       0.1219
z:AECDH-AES128-SHA        17615     3.5489
z:AECDH-AES256-SHA        17629     3.5517
z:AECDH-DES-CBC3-SHA      17568     3.5394
z:AECDH-NULL-SHA          41        0.0083
z:AECDH-RC4-SHA           16900     3.4048
z:DES-CBC-MD5             14286     2.8782
z:DES-CBC-SHA             40810     8.2219
z:DES-CBC3-MD5            28088     5.6589
z:ECDHE-RSA-NULL-SHA      53        0.0107
z:EDH-RSA-DES-CBC-SHA     34934     7.0381
z:EXP-ADH-DES-CBC-SHA     252       0.0508
z:EXP-ADH-RC4-MD5         252       0.0508
z:EXP-DES-CBC-SHA         19650     3.9589
z:EXP-EDH-RSA-DES-CBC-SHA 16259     3.2757
z:EXP-RC2-CBC-MD5         23866     4.8083
z:EXP-RC4-MD5             25158     5.0685
z:EXP1024-DES-CBC-SHA     6288      1.2668
z:EXP1024-RC4-SHA         6374      1.2842
z:IDEA-CBC-MD5            2558      0.5154
z:NULL-MD5                259       0.0522
z:NULL-SHA                261       0.0526
z:NULL-SHA256             20        0.004
z:RC2-CBC-MD5             14614     2.9443
z:RC4-64-MD5              1161      0.2339

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               132994    26.7941
Server side               363361    73.2059

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1238      0.2494
AECDH                     17668     3.5595
DHE                       280798    56.572
ECDH                      1         0.0002
ECDHE                     358229    72.1719
ECDHE and DHE             196228    39.5338
RSA                       455866    91.8427

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               210208    42.3503  74.8609
DH,1536bits               2         0.0004   0.0007
DH,2048bits               62891     12.6706  22.3972
DH,2236bits               3         0.0006   0.0011
DH,3072bits               2689      0.5417   0.9576
DH,4096bits               4249      0.856    1.5132
DH,512bits                73        0.0147   0.026
DH,6144bits               1         0.0002   0.0004
DH,768bits                729       0.1469   0.2596
ECDH,B-163,163bits        1         0.0002   0.0003
ECDH,B-571,570bits        1330      0.268    0.3713
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-192,192bits        2         0.0004   0.0006
ECDH,P-224,224bits        67        0.0135   0.0187
ECDH,P-256,256bits        349478    70.4089  97.5571
ECDH,P-384,384bits        3644      0.7342   1.0172
ECDH,P-521,521bits        6198      1.2487   1.7302
Prefer DH,1024bits        81235     16.3663  28.93
Prefer DH,1536bits        1         0.0002   0.0004
Prefer DH,2048bits        3908      0.7873   1.3917
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        27        0.0054   0.0096
Prefer DH,4096bits        120       0.0242   0.0427
Prefer DH,512bits         2         0.0004   0.0007
Prefer DH,768bits         347       0.0699   0.1236
Prefer ECDH,B-163,163bits 1         0.0002   0.0003
Prefer ECDH,B-571,570bits 1124      0.2265   0.3138
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 40        0.0081   0.0112
Prefer ECDH,P-256,256bits 293410    59.1129  81.9057
Prefer ECDH,P-384,384bits 2068      0.4166   0.5773
Prefer ECDH,P-521,521bits 5823      1.1732   1.6255
Prefer PFS                388108    78.1916  0
Support PFS               442799    89.2101  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           364       0.0733   
brainpoolP384r1           364       0.0733   
brainpoolP512r1           364       0.0733   
prime192v1                1331      0.2682   
prime256v1                357188    71.9622  
prime256v1 Only           311537    62.765   
secp160k1                 1298      0.2615   
secp160r1                 1303      0.2625   
secp160r2                 1298      0.2615   
secp192k1                 1315      0.2649   
secp224k1                 1370      0.276    
secp224r1                 2711      0.5462   
secp224r1 Only            2         0.0004   
secp256k1                 1587      0.3197   
secp384r1                 45900     9.2474   
secp384r1 Only            249       0.0502   
secp521r1                 13918     2.804    
secp521r1 Only            115       0.0232   
sect163k1                 1300      0.2619   
sect163k1 Only            3         0.0006   
sect163r1                 1297      0.2613   
sect163r2                 1298      0.2615   
sect163r2 Only            1         0.0002   
sect193r1                 1297      0.2613   
sect193r2                 1297      0.2613   
sect233k1                 1362      0.2744   
sect233r1                 1361      0.2742   
sect239k1                 1360      0.274    
sect283k1                 1566      0.3155   
sect283r1                 1566      0.3155   
sect409k1                 1566      0.3155   
sect409r1                 1565      0.3153   
sect571k1                 1575      0.3173   
sect571r1                 1574      0.3171   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          80483     16.2148  
True                           231859    46.7123  
order-specific                 16        0.0032   
unknown                        183997    37.0696  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    2665      0.5369   
inconclusive-noecc        16        0.0032   
server                    354894    71.5     
unknown                   138780    27.9598  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     31932     6.4333   
ECDSA-SHA1 Only                1         0.0002   
ECDSA-SHA224                   31953     6.4375   
ECDSA-SHA256                   31989     6.4448   
ECDSA-SHA384                   32035     6.4541   
ECDSA-SHA512                   32097     6.4665   
ECDSA-SHA512 Only              62        0.0125   
RSA-MD5                        151912    30.6055  
RSA-SHA1                       316124    63.6891  
RSA-SHA1 Only                  44717     9.0091   
RSA-SHA224                     256857    51.7486  
RSA-SHA256                     276593    55.7248  
RSA-SHA256 Only                4237      0.8536   
RSA-SHA384                     257841    51.9469  
RSA-SHA512                     258008    51.9805  
RSA-SHA512 Only                160       0.0322   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         237214    47.7912  
indeterminate                  8         0.0016   
intolerant                     3109      0.6264   
order-fallback                 18        0.0036   
server                         113482    22.8631  
unsupported                    28681     5.7783   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     31910     6.4289   
ECDSA intolerant               295       0.0594   
ECDSA soft-nopfs               1         0.0002   
RSA False                      147535    29.7237  
RSA SHA1                       141919    28.5922  
RSA intolerant                 28072     5.6556   
RSA soft-nopfs                 4494      0.9054   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     7988      1.6093   
insecure                  22086     4.4496   
secure                    466281    93.941   

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      12174     2.4527   
False                     7988      1.6093   
NONE                      476193    95.938   

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         3         0.0006   
1 only                    3         0.0006   
2                         2         0.0004   
2 only                    2         0.0004   
5                         2         0.0004   
5 only                    2         0.0004   
10                        7         0.0014   
10 only                   7         0.0014   
15                        10        0.002    
15 only                   10        0.002    
30                        11        0.0022   
30 only                   11        0.0022   
60                        95        0.0191   
60 only                   90        0.0181   
70                        6         0.0012   
100                       15        0.003    
100 only                  15        0.003    
120                       31        0.0062   
120 only                  31        0.0062   
128                       2         0.0004   
128 only                  2         0.0004   
150                       2         0.0004   
180                       52        0.0105   
180 only                  50        0.0101   
240                       9         0.0018   
240 only                  9         0.0018   
300                       215043    43.3244  
300 only                  209657    42.2393  
400                       7         0.0014   
400 only                  7         0.0014   
420                       112       0.0226   
420 only                  68        0.0137   
480                       12        0.0024   
480 only                  12        0.0024   
500                       3         0.0006   
500 only                  3         0.0006   
540                       1         0.0002   
540 only                  1         0.0002   
600                       21511     4.3338   
600 only                  21353     4.302    
720                       2         0.0004   
720 only                  1         0.0002   
900                       604       0.1217   
900 only                  585       0.1179   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      1894      0.3816   
1200 only                 1888      0.3804   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      11        0.0022   
1500 only                 10        0.002    
1800                      411       0.0828   
1800 only                 405       0.0816   
2400                      6         0.0012   
2400 only                 6         0.0012   
2700                      8         0.0016   
2700 only                 8         0.0016   
3000                      14        0.0028   
3000 only                 13        0.0026   
3300                      1         0.0002   
3300 only                 1         0.0002   
3600                      424       0.0854   
3600 only                 409       0.0824   
3900                      2         0.0004   
3900 only                 2         0.0004   
4200                      1         0.0002   
5400                      15        0.003    
5400 only                 3         0.0006   
6000                      4         0.0008   
6000 only                 4         0.0008   
7200                      15262     3.0748   
7200 only                 10520     2.1195   
10800                     1975      0.3979   
10800 only                1968      0.3965   
14400                     74        0.0149   
14400 only                73        0.0147   
18000                     11        0.0022   
18000 only                11        0.0022   
21600                     4863      0.9797   
21600 only                4863      0.9797   
28800                     2439      0.4914   
28800 only                2009      0.4048   
36000                     1142      0.2301   
36000 only                1136      0.2289   
43200                     28        0.0056   
43200 only                26        0.0052   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     45917     9.2508   
64800 only                45644     9.1958   
72000                     10        0.002    
72000 only                10        0.002    
86000                     43        0.0087   
86000 only                43        0.0087   
86400                     3392      0.6834   
86400 only                3391      0.6832   
100800                    12408     2.4998   
100800 only               12385     2.4952   
129600                    7         0.0014   
129600 only               7         0.0014   
172800                    5         0.001    
172800 only               5         0.001    
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    2         0.0004   
604800 only               2         0.0004   
864000                    1         0.0002   
864000 only               1         0.0002   
None                      179585    36.1808  
None only                 168439    33.9352  

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      18390     3.705    
ecdsa-with-SHA256         32196     6.4865   
sha1WithRSAEncryption     162789    32.7969  
sha256WithRSAEncryption   301606    60.7642  
sha384WithRSAEncryption   3         0.0006   
sha512WithRSAEncryption   7         0.0014   

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 32226     6.4925   
ECDSA 384                 7         0.0014   
ECDSA 521                 1         0.0002   
RSA 1024                  139       0.028    
RSA 10240                 4         0.0008   
RSA 2047                  1         0.0002   
RSA 2048                  446454    89.9465  
RSA 2049                  3         0.0006   
RSA 2056                  3         0.0006   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  9         0.0018   
RSA 2096                  1         0.0002   
RSA 2345                  1         0.0002   
RSA 2408                  3         0.0006   
RSA 2432                  5         0.001    
RSA 2612                  2         0.0004   
RSA 3071                  1         0.0002   
RSA 3072                  96        0.0193   
RSA 3096                  1         0.0002   
RSA 3102                  1         0.0002   
RSA 3248                  2         0.0004   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  26        0.0052   
RSA 4069                  1         0.0002   
RSA 4086                  2         0.0004   
RSA 4092                  7         0.0014   
RSA 4096                  17401     3.5058   
RSA 8192                  5         0.001    
RSA/ECDSA Dual Stack      45        0.0091

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 97129     19.5685  
Unsupported               399226    80.4315  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      28373     5.7163
SSL2 Only                 30        0.006
SSL3                      139997    28.205
SSL3 Only                 891       0.1795
SSL3 or TLS1 Only         84026     16.9286
SSL3 or lower Only        919       0.1851
TLS1                      493251    99.3746
TLS1 Only                 48794     9.8305
TLS1 or lower Only        110400    22.2421
TLS1.1                    372212    74.9891
TLS1.1 Only               33        0.0066
TLS1.1 or up Only         1982      0.3993
TLS1.2                    382499    77.0616
TLS1.2 Only               916       0.1845
TLS1.2, 1.0 but not 1.1   11830     2.3834


Statistics from 517131 chains provided by 680456 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  470323    69.1188
incomplete                19965     2.9341
untrusted                 190168    27.9471

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         328       0.0634
3                         262695    50.7985
4                         249615    48.2692
5                         4493      0.8688

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 32189     
ECDSA 384                 32184     
RSA 1024                  65659     
RSA 2045                  1         
RSA 2048                  1046763   
RSA 4096                  115739    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 32189     6.2245
ECDSA 384                 32184     6.2236
RSA 1024                  65657     12.6964
RSA 2045                  1         0.0002
RSA 2048                  484420    93.6745
RSA 4096                  114849    22.2089

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              32189     
sha1WithRSAEncryption          287125    
sha256WithRSAEncryption        256796    
sha384WithRSAEncryption        199294    

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        236752    45.7818
112                       248197    47.995
128                       32182     6.2232

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(861a399d) AddTrust Class 1 CA Root           126586    24.4785
(2c543cd1) GeoTrust Global CA                 111618    21.5841
(f081611a) The Go Daddy Group, Inc.           52765     10.2034
(5ad8a5d6) GlobalSign Root CA                 52501     10.1524
(eed8c118) COMODO ECC Certification Authority 32182     6.2232
(415660c1) VeriSign, Inc.                     30856     5.9668
(aee5f10d) Entrust.net Certification Authorit 28570     5.5247
(6cc3c4c3) Thawte Server CA                   25221     4.8771
(f387163d) Starfield Technologies, Inc.       11117     2.1497
(ae8153b9) StartCom Certification Authority   9414      1.8204
(653b494a) Baltimore CyberTrust Root          8928      1.7264
(578d5c04) Equifax                            6563      1.2691
(244b5494) DigiCert High Assurance EV Root CA 6432      1.2438

Scan performed between 18th and 28th of June 2015.

May 2015 scan results

Despite the Logjam attack, very few servers have actually disabled export grade Diffie-Hellman ciphers. At the same time, we have reached another milestone, where over 500 thousand servers from the Alexa top 1 million sites support TLS or SSL.

Cipher suites

Use of the AES-GCM cipher mode combination has grown most significantly – by 2.6%. At the same time, Camellia use has fallen by just under 0.2% and other secure ciphers remained mostly unchanged.

RC4 continues its slow decrease in use. Nearly 5% fewer servers support this insecure cipher. About 1.5% fewer prefer this ciphersuite over others, and 1.1% fewer force its use in TLSv1.1 or later. At the same time, still over 2000 servers support only this symmetric cipher.

Leaving single DES ciphers enabled remains the most common server misconfiguration, with nearly 8.5% of servers having this configuration error, a decrease of 0.5% since last month. The second most common misconfiguration is export grade ciphers: over 7.1% of servers have them enabled. Finally, anonymous ECDH ciphers are enabled on over 3.5% of servers.

1.5% more servers also dictate the cipher ordering instead of using the client side order.
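As an added example (not part of the original post and not the scanner's own code), the following Python checks a server's cipher list, given as OpenSSL names in server preference order, for the misconfiguration classes named above and reports whether RC4 and forward-secret key exchange are absent, supported, preferred or the only option. The regular expressions are assumptions inferred from the cipher names in the result tables, and both sample lists are constructed.

```python
import re

# Assumption: these patterns are inferred from the OpenSSL cipher names that
# appear in the survey tables; they are not the scanner's classification rules.
WEAK_CLASSES = [
    ("export-grade", re.compile(r"^EXP(1024)?-")),
    ("anonymous key exchange", re.compile(r"^(EXP-)?(ADH|AECDH)-")),
    ("NULL encryption", re.compile(r"(^|-)NULL-")),
    # Matches DES-CBC-SHA / DES-CBC-MD5 but not the 3DES name DES-CBC3-SHA.
    ("single DES", re.compile(r"(^|-)DES-CBC-(SHA|MD5)$")),
    ("RC2", re.compile(r"(^|-)RC2-")),
]
RC4 = re.compile(r"(^|-)RC4-")
# Authenticated ephemeral key exchange; export and anonymous names start with
# EXP-/ADH-/AECDH- and therefore do not match.
EPHEMERAL_AUTHENTICATED = re.compile(r"^(ECDHE|DHE|EDH)-")


def weaknesses(cipher):
    """Return the weakness labels that apply to one OpenSSL cipher name."""
    return [label for label, pattern in WEAK_CLASSES if pattern.search(cipher)]


def position(flags):
    """Summarise a per-cipher flag list taken in server preference order."""
    if not any(flags):
        return "absent"
    if all(flags):
        return "only"
    return "preferred" if flags[0] else "supported"


def audit(server_order):
    """Audit cipher names listed in the server's preference order."""
    if not server_order:
        raise ValueError("empty cipher list")
    weak = {c: weaknesses(c) for c in server_order if weaknesses(c)}
    return {
        "weak": weak,
        "rc4": position([bool(RC4.search(c)) for c in server_order]),
        "pfs": position(
            [bool(EPHEMERAL_AUTHENTICATED.match(c)) for c in server_order]
        ),
    }


# Constructed sample: a legacy configuration that leads with RC4 and still
# carries single DES, export-grade and anonymous ECDH suites.
LEGACY = [
    "RC4-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES128-SHA",
    "DES-CBC3-SHA",
    "EDH-RSA-DES-CBC-SHA",
    "EXP-EDH-RSA-DES-CBC-SHA",
    "AECDH-AES128-SHA",
]

# Constructed sample: only AEAD suites with authenticated ephemeral key exchange.
HARDENED = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-GCM-SHA256",
]

if __name__ == "__main__":
    for name, ciphers in (("legacy", LEGACY), ("hardened", HARDENED)):
        report = audit(ciphers)
        print(name, "rc4:", report["rc4"], "pfs:", report["pfs"])
        for cipher, labels in report["weak"].items():
            print("  remove", cipher, "->", ", ".join(labels))
```
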

Key exchange

More and more servers opt not to support RSA key exchange and provide support just for the ciphersuites which provide forward secrecy. RSA key exchange has lost nearly 1% of the market share, while DHE and ECDHE have grown by over 1% and 3% respectively.

That also caused an overall increase of over 1.8% in servers which prefer forward secrecy enabled ciphersuites.

Unfortunately, that has also brought with it a slight increase in servers which use the breakable and almost-breakable 512 bit and 768 bit DH. But the set of those servers is rather small, so it may be just a fluctuation caused by the current Alexa ranking.

ECC curves

As in previous months, most of the ECDHE support increase is provided by the NIST P-256 curve, an increase of about 2.8%. At the same time, servers which prefer the P-521 curve have broken the 1% barrier.

In general, support for more obscure curves is growing slowly, but is overshadowed by the three most popular curves – P-256, P-384 and P-521.

The vast majority of servers also support just one curve – P-256, a domination which increased by nearly 3%.

Hash and signature algorithms

Support for the insecure MD5-RSA and SHA1-RSA keeps growing. The former increased by 0.7% while the latter increased by 2.14%. What’s more problematic is that the number of servers which support only SHA1-RSA has also grown, by about 0.13%.

Support for SHA256 and SHA512 has also grown, by 2.1% and 1.5% respectively.

Vulnerabilities

About 5% servers still don’t support secure renegotiation, situation which hasn’t change since last month.

Similarly, support for compression is still enabled on more than 2.5% of servers.

Certificates

Use of SHA-1 keeps dropping significantly, this month by nearly 5%. It is mostly replaced by SHA256-RSA, but some of the drop is thanks to SHA256-ECDSA (0.8%).

Use of 1024 bit RSA certificates has fallen to just 194 machines. At the same time, use of 2048 bit RSA lost about 0.5% of servers, scattered across ECDSA 256 and RSA 3072 bit.

The number of servers with incomplete trust chains has risen by 1.1%.

Protocols

Support for the vulnerable SSLv2 and SSLv3 is only very slowly dropping, by 0.36% and 1.76% respectively.

Thankfully, only 968 servers require use of SSLv3 or lower for connection, 0.192% of total.

TLSv1.0 seems to have reached its peak, with this month's scan showing a very slight decrease of 0.04%. It still remains the highest protocol version supported by over 23% of servers, a decrease of just under 2%.

TLSv1.1 and TLSv1.2 keep gaining market share, with 76% and an increase of over 2% for the latter.

As TLSv1.0 penetration would let us guess, very few server operators decide to support only the newest protocols – currently 0.3% of total.

Results

SSL/TLS survey of 504133 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      422205    83.7487
3DES Only                 902       0.1789
AES                       492766    97.7452
AES Only                  15398     3.0544
AES-CBC                   492668    97.7258
AES-CBC Only              8199      1.6264
AES-GCM                   328750    65.211
AES-GCM Only              32        0.0063
CAMELLIA                  216646    42.974
CAMELLIA Only             2         0.0004
CHACHA20                  63418     12.5796
Insecure                  78500     15.5713
RC4                       277296    55.0045
RC4 Only                  2038      0.4043
RC4 Preferred             39565     7.8481
RC4 forced in TLS1.1+     22536     4.4702
x:FF 29 RC4 Only          2395      0.4751
x:FF 29 RC4 Preferred     44134     8.7544
x:FF 29 incompatible      105       0.0208
x:FF 35 RC4 Only          2735      0.5425
x:FF 35 RC4 Preferred     44278     8.783
x:FF 35 incompatible      108       0.0214
y:DHE-RSA-SEED-SHA        105410    20.9092
y:IDEA-CBC-SHA            86047     17.0683
y:SEED-SHA                103682    20.5664
z:ADH-AES128-GCM-SHA256   332       0.0659
z:ADH-AES128-SHA          1298      0.2575
z:ADH-AES128-SHA256       242       0.048
z:ADH-AES256-GCM-SHA384   344       0.0682
z:ADH-AES256-SHA          1307      0.2593
z:ADH-AES256-SHA256       244       0.0484
z:ADH-CAMELLIA128-SHA     803       0.1593
z:ADH-CAMELLIA256-SHA     814       0.1615
z:ADH-DES-CBC-SHA         368       0.073
z:ADH-DES-CBC3-SHA        1324      0.2626
z:ADH-RC4-MD5             1177      0.2335
z:ADH-SEED-SHA            719       0.1426
z:AECDH-AES128-SHA        17948     3.5602
z:AECDH-AES256-SHA        17959     3.5624
z:AECDH-DES-CBC3-SHA      17905     3.5516
z:AECDH-NULL-SHA          43        0.0085
z:AECDH-RC4-SHA           17242     3.4201
z:DES-CBC-MD5             15026     2.9806
z:DES-CBC-SHA             42323     8.3952
z:DES-CBC3-MD5            29340     5.8199
z:ECDHE-RSA-NULL-SHA      56        0.0111
z:EDH-RSA-DES-CBC-SHA     36108     7.1624
z:EXP-ADH-DES-CBC-SHA     279       0.0553
z:EXP-ADH-RC4-MD5         280       0.0555
z:EXP-DES-CBC-SHA         21187     4.2027
z:EXP-EDH-RSA-DES-CBC-SHA 17630     3.4971
z:EXP-RC2-CBC-MD5         25641     5.0862
z:EXP-RC4-MD5             27062     5.368
z:EXP1024-DES-CBC-SHA     6792      1.3473
z:EXP1024-RC4-SHA         6883      1.3653
z:IDEA-CBC-MD5            2594      0.5145
z:NULL-MD5                281       0.0557
z:NULL-SHA                286       0.0567
z:NULL-SHA256             23        0.0046
z:RC2-CBC-MD5             15367     3.0482
z:RC4-64-MD5              1245      0.247

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               135237    26.8257
Server side               368896    73.1743

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1435      0.2846
AECDH                     17990     3.5685
DHE                       286817    56.8931
ECDH                      1         0.0002
ECDHE                     352323    69.8869
ECDHE and DHE             195467    38.7729
RSA                       459524    91.1513

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               229119    45.4481  79.8833
DH,1536bits               1         0.0002   0.0003
DH,2048bits               50894     10.0954  17.7444
DH,2236bits               3         0.0006   0.001
DH,3072bits               2379      0.4719   0.8294
DH,4094bits               1         0.0002   0.0003
DH,4096bits               3569      0.7079   1.2443
DH,512bits                81        0.0161   0.0282
DH,768bits                805       0.1597   0.2807
DH,8192bits               1         0.0002   0.0003
ECDH,B-163,163bits        1         0.0002   0.0003
ECDH,B-571,570bits        1580      0.3134   0.4485
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-224,224bits        63        0.0125   0.0179
ECDH,P-256,256bits        344044    68.2447  97.6502
ECDH,P-384,384bits        3587      0.7115   1.0181
ECDH,P-521,521bits        5548      1.1005   1.5747
Prefer DH,1024bits        87818     17.4196  30.6181
Prefer DH,2048bits        3211      0.6369   1.1195
Prefer DH,2236bits        1         0.0002   0.0003
Prefer DH,3072bits        30        0.006    0.0105
Prefer DH,4096bits        105       0.0208   0.0366
Prefer DH,512bits         4         0.0008   0.0014
Prefer DH,768bits         404       0.0801   0.1409
Prefer ECDH,B-163,163bits 1         0.0002   0.0003
Prefer ECDH,B-571,570bits 1365      0.2708   0.3874
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 36        0.0071   0.0102
Prefer ECDH,P-256,256bits 286974    56.9243  81.452
Prefer ECDH,P-384,384bits 2591      0.514    0.7354
Prefer ECDH,P-521,521bits 5220      1.0354   1.4816
Prefer PFS                387761    76.9164  0
Support PFS               443673    88.0071  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           294       0.0583   
brainpoolP384r1           294       0.0583   
brainpoolP512r1           294       0.0583   
prime192v1                1589      0.3152   
prime256v1                351551    69.7338  
prime256v1 Only           305875    60.6735  
secp160k1                 1561      0.3096   
secp160r1                 1566      0.3106   
secp160r2                 1561      0.3096   
secp192k1                 1580      0.3134   
secp224k1                 1628      0.3229   
secp224r1                 2813      0.558    
secp224r1 Only            3         0.0006   
secp256k1                 1637      0.3247   
secp384r1                 45923     9.1093   
secp384r1 Only            242       0.048    
secp521r1                 13392     2.6564   
secp521r1 Only            97        0.0192   
sect163k1                 1569      0.3112   
sect163k1 Only            1         0.0002   
sect163r1                 1568      0.311    
sect163r2                 1568      0.311    
sect163r2 Only            1         0.0002   
sect193r1                 1566      0.3106   
sect193r2                 1566      0.3106   
sect233k1                 1625      0.3223   
sect233r1                 1624      0.3221   
sect239k1                 1624      0.3221   
sect283k1                 1623      0.3219   
sect283r1                 1621      0.3215   
sect409k1                 1620      0.3213   
sect409r1                 1617      0.3207   
sect571k1                 1627      0.3227   
sect571r1                 1627      0.3227   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          80726     16.0128  
True                           223171    44.2683  
order-specific                 14        0.0028   
unknown                        200222    39.7161  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    2652      0.5261   
inconclusive-noecc        26        0.0052   
server                    349247    69.2768  
unknown                   152208    30.192   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     34911     6.925    
ECDSA-SHA1 Only                1         0.0002   
ECDSA-SHA224                   34925     6.9277   
ECDSA-SHA256                   34948     6.9323   
ECDSA-SHA384                   34966     6.9359   
ECDSA-SHA512                   34985     6.9396   
ECDSA-SHA512 Only              19        0.0038   
RSA-MD5                        147472    29.2526  
RSA-SHA1                       310804    61.6512  
RSA-SHA1 Only                  46467     9.2172   
RSA-SHA224                     250624    49.7139  
RSA-SHA256                     269299    53.4182  
RSA-SHA256 Only                4125      0.8182   
RSA-SHA384                     251575    49.9025  
RSA-SHA512                     251692    49.9257  
RSA-SHA512 Only                54        0.0107   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         228686    45.3622  
indeterminate                  15        0.003    
intolerant                     2751      0.5457   
order-fallback                 23        0.0046   
server                         119546    23.7132  
unsupported                    33304     6.6062   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     34893     6.9214   
ECDSA intolerant               113       0.0224   
RSA False                      143034    28.3723  
RSA SHA1                       141505    28.069   
RSA intolerant                 27098     5.3752   
RSA soft-nopfs                 4560      0.9045   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     8495      1.6851   
insecure                  24563     4.8723   
secure                    471075    93.4426  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      12816     2.5422   
False                     8495      1.6851   
NONE                      482822    95.7727  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         3         0.0006   
1 only                    3         0.0006   
2                         3         0.0006   
2 only                    3         0.0006   
5                         2         0.0004   
5 only                    2         0.0004   
10                        7         0.0014   
10 only                   7         0.0014   
15                        10        0.002    
15 only                   10        0.002    
30                        10        0.002    
30 only                   9         0.0018   
60                        98        0.0194   
60 only                   93        0.0184   
70                        7         0.0014   
100                       21        0.0042   
100 only                  21        0.0042   
120                       27        0.0054   
120 only                  27        0.0054   
128                       2         0.0004   
128 only                  2         0.0004   
150                       2         0.0004   
180                       48        0.0095   
180 only                  46        0.0091   
240                       10        0.002    
240 only                  10        0.002    
300                       219015    43.4439  
300 only                  213209    42.2922  
360                       1         0.0002   
400                       8         0.0016   
400 only                  8         0.0016   
420                       108       0.0214   
420 only                  66        0.0131   
480                       12        0.0024   
480 only                  12        0.0024   
500                       4         0.0008   
500 only                  4         0.0008   
600                       16066     3.1869   
600 only                  15898     3.1535   
720                       2         0.0004   
720 only                  2         0.0004   
900                       742       0.1472   
900 only                  707       0.1402   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      2024      0.4015   
1200 only                 2018      0.4003   
1320                      1         0.0002   
1320 only                 1         0.0002   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      10        0.002    
1500 only                 9         0.0018   
1800                      406       0.0805   
1800 only                 397       0.0787   
2400                      6         0.0012   
2400 only                 6         0.0012   
2700                      11        0.0022   
2700 only                 11        0.0022   
3000                      14        0.0028   
3000 only                 14        0.0028   
3600                      442       0.0877   
3600 only                 422       0.0837   
3900                      1         0.0002   
3900 only                 1         0.0002   
4100                      2         0.0004   
4100 only                 2         0.0004   
4200                      1         0.0002   
5400                      20        0.004    
5400 only                 3         0.0006   
6000                      5         0.001    
6000 only                 5         0.001    
7200                      16629     3.2985   
7200 only                 13329     2.6439   
10800                     2315      0.4592   
10800 only                2310      0.4582   
14400                     73        0.0145   
14400 only                72        0.0143   
18000                     13        0.0026   
18000 only                13        0.0026   
21600                     4826      0.9573   
21600 only                4825      0.9571   
28800                     13        0.0026   
28800 only                13        0.0026   
36000                     1108      0.2198   
36000 only                1103      0.2188   
43200                     28        0.0056   
43200 only                25        0.005    
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     50705     10.0579  
64800 only                50654     10.0477  
72000                     17        0.0034   
72000 only                17        0.0034   
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     45        0.0089   
86000 only                45        0.0089   
86400                     3437      0.6818   
86400 only                3436      0.6816   
100800                    12226     2.4252   
100800 only               12226     2.4252   
129600                    8         0.0016   
129600 only               8         0.0016   
172800                    2         0.0004   
172800 only               2         0.0004   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
None                      183010    36.3019  
None only                 173532    34.4219  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      18818     3.7327   
ecdsa-with-SHA256         34966     6.9359   
sha1WithRSAEncryption     191053    37.8973  
sha256WithRSAEncryption   278185    55.1809  
sha384WithRSAEncryption   2         0.0004   
sha512WithRSAEncryption   7         0.0014   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 35000     6.9426   
ECDSA 384                 6         0.0012   
ECDSA 521                 2         0.0004   
RSA 1024                  194       0.0385   
RSA 10240                 7         0.0014   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  451485    89.5567  
RSA 2049                  3         0.0006   
RSA 2056                  2         0.0004   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  9         0.0018   
RSA 2096                  1         0.0002   
RSA 2408                  2         0.0004   
RSA 2432                  4         0.0008   
RSA 2480                  1         0.0002   
RSA 2612                  2         0.0004   
RSA 3050                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  104       0.0206   
RSA 3096                  1         0.0002   
RSA 3248                  2         0.0004   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  24        0.0048   
RSA 4069                  1         0.0002   
RSA 4086                  4         0.0008   
RSA 4092                  8         0.0016   
RSA 4096                  17305     3.4326   
RSA 8192                  6         0.0012   
RSA/ECDSA Dual Stack      45        0.0089

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 94341     18.7135  
Unsupported               409792    81.2865  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      29625     5.8764
SSL2 Only                 35        0.0069
SSL3                      142402    28.2469
SSL3 Only                 936       0.1857
SSL3 or TLS1 Only         88722     17.5989
SSL3 or lower Only        968       0.192
TLS1                      501347    99.4474
TLS1 Only                 51184     10.1529
TLS1 or lower Only        116300    23.0693
TLS1.1                    373523    74.0922
TLS1.1 Only               25        0.005
TLS1.1 or up Only         1606      0.3186
TLS1.2                    384312    76.2323
TLS1.2 Only               845       0.1676
TLS1.2, 1.0 but not 1.1   12411     2.4619


Statistics from 515219 chains provided by 689528 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  449551    65.1969
incomplete                37540     5.4443
untrusted                 202437    29.3588

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         345       0.067
3                         295875    57.427
4                         213966    41.5291
5                         5031      0.9765
6                         2         0.0004

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 34881     
ECDSA 384                 60711     
RSA 1024                  39543     
RSA 2045                  1         
RSA 2048                  1016373   
RSA 4096                  102618    

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 34881     6.7701
ECDSA 384                 60711     11.7835
RSA 1024                  39539     7.6742
RSA 2045                  1         0.0002
RSA 2048                  479801    93.1256
RSA 4096                  102053    19.8077

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              34881     
sha1WithRSAEncryption          285370    
sha256WithRSAEncryption        244990    
sha384WithRSAEncryption        173666    
sha512WithRSAEncryption        1         

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        240612    46.7009
112                       239734    46.5305
128                       34873     6.7686

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(861a399d) AddTrust Class 1 CA Root           126924    24.635
(2c543cd1) GeoTrust Global CA                 111533    21.6477
(f081611a) The Go Daddy Group, Inc.           54113     10.5029
(5ad8a5d6) GlobalSign Root CA                 52056     10.1037
(eed8c118) COMODO ECC Certification Authority 34873     6.7686
(415660c1) VeriSign, Inc.                     29756     5.7754
(aee5f10d) Entrust.net Certification Authorit 29671     5.7589
(c089bbbd) thawte Primary Root CA - G2        25836     5.0146
(f387163d) Starfield Technologies, Inc.       11081     2.1507
(ae8153b9) StartCom Certification Authority   9729      1.8883
(578d5c04) Equifax                            6768      1.3136
(244b5494) DigiCert High Assurance EV Root CA 6686      1.2977


Scan performed between 24th of May and 3rd of June 2015.

April 2015 scan results

All in all, rather few, insignificant changes, just a continuation of established good trends.

Cipher suites

Not much happened in cipher suites; AES-GCM use has grown by over 2%. 3DES and AES-CBC have gained just under a percent each.

On the bad end of the spectrum, the number of servers with completely insecure ciphers has fallen a bit, by about 1.5%. RC4 use also dropped a bit, by 5%. Fortunately, servers which prefer RC4 also dropped, but by just 1.5%, to 9.4% of total.

Servers which support only RC4 also decreased by 511 servers, finally reaching under 0.5% of total.

Unfortunately, it doesn’t look like administrators verify their settings after system updates – the number of servers that support anonymous ECDH has grown again – to just over 3%.

The rest of the bad ciphers have continued their downward trend.

Cipher ordering is still, on a relatively large share of servers, dictated by the client side of the connection. The situation is unchanged since the last scan.

Key Exchange

Support for ECDHE key exchange has increased by just over 1.5%, support for DHE key exchange has increased by about 1%.

The number of servers which don’t support the key exchange that doesn’t provide forward secrecy – RSA – is also steadily growing, reaching 8% this time.

Unfortunately, those changes don’t translate directly into a preference for PFS ciphersuites – it has grown by less than 0.5%, mostly caused by support for ECDHE with the NIST P-256 curve.

ECC curves

The NIST P-256 curve, also known as prime256v1, still reigns supreme. Alternative curves have grown by nearly 30% month over month, but they are still present on less than 1% of servers.

Behaviour with respect to curve ordering, or to handling a mismatch between curves advertised by the client and curves supported by the server, hasn’t changed much.

Hash and signature algorithms

There is still a significant number of servers which support just the SHA-1 signature algorithm with RSA signature, and it isn’t shrinking.

Support for stronger algorithms has grown by about 0.5%.

Similarly to ECC curves, behaviour in relation to a mismatch between what is supported and what the client advertised hasn’t changed much.

Vulnerabilities

Support for both insecure renegotiation and compression has fallen very insignificantly, by just a few tenths of a percent, still hovering at 5% and 3% respectively.

Certificates

Certificate signatures are still changing, with servers using SHA-1 signed certificates losing about 5% of market share, while SHA-256 finally reaches the halfway mark with 51%.

The key sizes remain relatively unchanged, with 2048 bit RSA still at 90%. ECDSA with 256 bit curves has grown by 0.4%.

Protocols

Support for the broken SSL 2 and SSL 3 remains mostly unchanged, with the former losing just 0.5% and the latter 1.5%, placing them at 6% and 30% respectively.

Support for TLS 1.0 reached full saturation, with 99.5% of all servers supporting it. TLS 1.1 and 1.2 in turn have gained 2% each.

That means just 0.2% of servers support only TLS 1.1 or better.

Results

SSL/TLS survey of 484573 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      406786    83.9473
3DES Only                 794       0.1639
AES                       472659    97.5413
AES Only                  10959     2.2616
AES-CBC                   472558    97.5205
AES-CBC Only              4829      0.9965
AES-GCM                   303174    62.5652
AES-GCM Only              29        0.006
CAMELLIA                  209131    43.1578
CAMELLIA Only             1         0.0002
CHACHA20                  58829     12.1404
CHACHA20 Only             37        0.0076
Insecure                  77058     15.9022
RC4                       292575    60.3779
RC4 Only                  2401      0.4955
RC4 Preferred             45677     9.4262
RC4 forced in TLS1.1+     27055     5.5833
x:FF 29 RC4 Only          2759      0.5694
x:FF 29 RC4 Preferred     50228     10.3654
x:FF 29 incompatible      166       0.0343
x:FF 35 RC4 Only          3002      0.6195
x:FF 35 RC4 Preferred     50330     10.3865
x:FF 35 incompatible      169       0.0349
y:DHE-RSA-SEED-SHA        106435    21.9647
y:IDEA-CBC-SHA            86288     17.807
y:SEED-SHA                104010    21.4643
z:ADH-AES128-GCM-SHA256   403       0.0832
z:ADH-AES128-SHA          1245      0.2569
z:ADH-AES128-SHA256       285       0.0588
z:ADH-AES256-GCM-SHA384   411       0.0848
z:ADH-AES256-SHA          1251      0.2582
z:ADH-AES256-SHA256       288       0.0594
z:ADH-CAMELLIA128-SHA     757       0.1562
z:ADH-CAMELLIA256-SHA     767       0.1583
z:ADH-DES-CBC-SHA         370       0.0764
z:ADH-DES-CBC3-SHA        1264      0.2608
z:ADH-RC4-MD5             1068      0.2204
z:ADH-SEED-SHA            624       0.1288
z:AECDH-AES128-SHA        14597     3.0123
z:AECDH-AES256-SHA        14601     3.0132
z:AECDH-DES-CBC3-SHA      14555     3.0037
z:AECDH-NULL-SHA          33        0.0068
z:AECDH-RC4-SHA           13915     2.8716
z:DES-CBC-MD5             15676     3.235
z:DES-CBC-SHA             43379     8.952
z:DES-CBC3-MD5            29965     6.1838
z:ECDHE-RSA-NULL-SHA      39        0.008
z:EDH-RSA-DES-CBC-SHA     36816     7.5976
z:EXP-ADH-DES-CBC-SHA     296       0.0611
z:EXP-ADH-RC4-MD5         298       0.0615
z:EXP-DES-CBC-SHA         23304     4.8092
z:EXP-EDH-RSA-DES-CBC-SHA 18924     3.9053
z:EXP-RC2-CBC-MD5         27382     5.6507
z:EXP-RC4-MD5             29880     6.1663
z:EXP1024-DES-CBC-SHA     7448      1.537
z:EXP1024-RC4-SHA         7538      1.5556
z:IDEA-CBC-MD5            2648      0.5465
z:NULL-MD5                269       0.0555
z:NULL-SHA                277       0.0572
z:NULL-SHA256             17        0.0035
z:RC2-CBC-MD5             16012     3.3044
z:RC4-64-MD5              1266      0.2613

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               137690    28.4147
Server side               346883    71.5853

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1408      0.2906
AECDH                     14635     3.0202
DHE                       270437    55.8093
ECDHE                     323781    66.8178
ECDHE and DHE             176359    36.3947
RSA                       446206    92.0823

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               223209    46.063   82.5364
DH,1536bits               1         0.0002   0.0004
DH,2048bits               43655     9.009    16.1424
DH,2236bits               3         0.0006   0.0011
DH,2430bits               1         0.0002   0.0004
DH,3072bits               21        0.0043   0.0078
DH,4096bits               2722      0.5617   1.0065
DH,512bits                78        0.0161   0.0288
DH,768bits                777       0.1603   0.2873
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        5         0.001    0.0015
ECDH,B-571,570bits        986       0.2035   0.3045
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,K-571,570bits        1         0.0002   0.0003
ECDH,P-224,224bits        41        0.0085   0.0127
ECDH,P-256,256bits        316799    65.3769  97.8436
ECDH,P-384,384bits        3387      0.699    1.0461
ECDH,P-521,521bits        4921      1.0155   1.5199
Prefer DH,1024bits        90273     18.6294  33.3804
Prefer DH,2048bits        2959      0.6106   1.0942
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,4096bits        100       0.0206   0.037
Prefer DH,512bits         3         0.0006   0.0011
Prefer DH,768bits         394       0.0813   0.1457
Prefer ECDH,B-163,163bits 5         0.001    0.0015
Prefer ECDH,B-571,570bits 777       0.1603   0.24
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,K-571,570bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 16        0.0033   0.0049
Prefer ECDH,P-256,256bits 262300    54.1301  81.0115
Prefer ECDH,P-384,384bits 2417      0.4988   0.7465
Prefer ECDH,P-521,521bits 4606      0.9505   1.4226
Prefer PFS                363853    75.0873  0
Support PFS               417859    86.2324  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           275       0.0568   
brainpoolP384r1           275       0.0568   
brainpoolP512r1           276       0.057    
prime192v1                1006      0.2076   
prime256v1                322585    66.571   
prime256v1 Only           280643    57.9155  
secp160k1                 973       0.2008   
secp160r1                 977       0.2016   
secp160r2                 973       0.2008   
secp192k1                 994       0.2051   
secp224k1                 1021      0.2107   
secp224r1                 1909      0.394    
secp224r1 Only            1         0.0002   
secp256k1                 1031      0.2128   
secp384r1                 42157     8.6998   
secp384r1 Only            214       0.0442   
secp521r1                 11163     2.3037   
secp521r1 Only            85        0.0175   
sect163k1                 974       0.201    
sect163k1 Only            1         0.0002   
sect163r1                 973       0.2008   
sect163r2                 978       0.2018   
sect163r2 Only            5         0.001    
sect193r1                 973       0.2008   
sect193r2                 972       0.2006   
sect233k1                 1012      0.2088   
sect233r1                 1012      0.2088   
sect239k1                 1011      0.2086   
sect283k1                 1011      0.2086   
sect283r1                 1011      0.2086   
sect409k1                 1012      0.2088   
sect409r1                 1011      0.2086   
sect571k1                 1023      0.2111   
sect571r1                 1023      0.2111   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          79371     16.3796  
True                           201893    41.6641  
order-specific                 25        0.0052   
unknown                        203284    41.9512  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    1937      0.3997   
inconclusive-noecc        23        0.0047   
server                    320951    66.2338  
unknown                   161662    33.3617  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     29961     6.183    
ECDSA-SHA224                   29962     6.1832   
ECDSA-SHA256                   29968     6.1844   
ECDSA-SHA384                   29969     6.1846   
ECDSA-SHA512                   29973     6.1854   
ECDSA-SHA512 Only              4         0.0008   
RSA-MD5                        138363    28.5536  
RSA-SHA1                       288373    59.5107  
RSA-SHA1 Only                  44023     9.0849   
RSA-SHA224                     233398    48.1657  
RSA-SHA256                     248405    51.2627  
RSA-SHA256 Only                3440      0.7099   
RSA-SHA384                     234083    48.3071  
RSA-SHA512                     234329    48.3578  
RSA-SHA512 Only                236       0.0487   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         213825    44.1265  
indeterminate                  7         0.0014   
intolerant                     2102      0.4338   
order-fallback                 14        0.0029   
server                         106987    22.0786  
unsupported                    37608     7.7611   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     29954     6.1815   
ECDSA intolerant               26        0.0054   
ECDSA pfs-rsa-SHA512           2         0.0004   
RSA False                      136825    28.2362  
RSA SHA1                       130262    26.8818  
RSA intolerant                 24807     5.1194   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 1684      0.3475   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     8680      1.7913   
insecure                  23543     4.8585   
secure                    452350    93.3502  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      13301     2.7449   
False                     8680      1.7913   
NONE                      462592    95.4638  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         2         0.0004   
5 only                    2         0.0004   
10                        6         0.0012   
10 only                   6         0.0012   
15                        10        0.0021   
15 only                   10        0.0021   
30                        8         0.0017   
30 only                   8         0.0017   
60                        95        0.0196   
60 only                   90        0.0186   
65                        1         0.0002   
65 only                   1         0.0002   
70                        6         0.0012   
100                       13        0.0027   
100 only                  13        0.0027   
120                       31        0.0064   
120 only                  31        0.0064   
128                       2         0.0004   
128 only                  2         0.0004   
150                       2         0.0004   
180                       46        0.0095   
180 only                  43        0.0089   
240                       11        0.0023   
240 only                  11        0.0023   
300                       211464    43.6392  
300 only                  204443    42.1903  
360                       1         0.0002   
400                       7         0.0014   
400 only                  7         0.0014   
420                       117       0.0241   
420 only                  65        0.0134   
480                       13        0.0027   
480 only                  12        0.0025   
500                       3         0.0006   
500 only                  3         0.0006   
600                       14992     3.0939   
600 only                  14817     3.0577   
660                       1         0.0002   
660 only                  1         0.0002   
720                       1         0.0002   
720 only                  1         0.0002   
900                       527       0.1088   
900 only                  499       0.103    
960                       2         0.0004   
960 only                  2         0.0004   
1200                      574       0.1185   
1200 only                 562       0.116    
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      13        0.0027   
1500 only                 12        0.0025   
1800                      368       0.0759   
1800 only                 362       0.0747   
2400                      6         0.0012   
2400 only                 6         0.0012   
2700                      9         0.0019   
2700 only                 9         0.0019   
3000                      12        0.0025   
3000 only                 12        0.0025   
3600                      371       0.0766   
3600 only                 355       0.0733   
3900                      1         0.0002   
3900 only                 1         0.0002   
4200                      1         0.0002   
5400                      14        0.0029   
5400 only                 2         0.0004   
6000                      5         0.001    
6000 only                 5         0.001    
7200                      14319     2.955    
7200 only                 13804     2.8487   
10800                     1786      0.3686   
10800 only                1780      0.3673   
14400                     1343      0.2772   
14400 only                1335      0.2755   
18000                     11        0.0023   
18000 only                11        0.0023   
21600                     4962      1.024    
21600 only                4955      1.0225   
28800                     10        0.0021   
28800 only                9         0.0019   
36000                     980       0.2022   
36000 only                972       0.2006   
43200                     27        0.0056   
43200 only                23        0.0047   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     46419     9.5794   
64800 only                46415     9.5785   
72000                     7         0.0014   
72000 only                7         0.0014   
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     34        0.007    
86000 only                34        0.007    
86400                     363       0.0749   
86400 only                363       0.0749   
100800                    12150     2.5074   
100800 only               12149     2.5072   
129600                    9         0.0019   
129600 only               9         0.0019   
172800                    2         0.0004   
172800 only               2         0.0004   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
600000                    1         0.0002   
600000 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
None                      181287    37.4117  
None only                 173413    35.7868  

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      15526     3.2041   
ecdsa-with-SHA256         29954     6.1815   
sha1WithRSAEncryption     207522    42.8257  
sha256WithRSAEncryption   247164    51.0066  
sha384WithRSAEncryption   1         0.0002   
sha512WithRSAEncryption   11        0.0023   

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 29979     6.1867   
ECDSA 384                 5         0.001    
RSA 1024                  222       0.0458   
RSA 10240                 3         0.0006   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  437533    90.2925  
RSA 2049                  3         0.0006   
RSA 2056                  3         0.0006   
RSA 2058                  2         0.0004   
RSA 2064                  2         0.0004   
RSA 2080                  2         0.0004   
RSA 2084                  8         0.0017   
RSA 2096                  1         0.0002   
RSA 2408                  3         0.0006   
RSA 2432                  5         0.001    
RSA 2612                  2         0.0004   
RSA 3024                  1         0.0002   
RSA 3050                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  93        0.0192   
RSA 3096                  1         0.0002   
RSA 3102                  1         0.0002   
RSA 3248                  1         0.0002   
RSA 3600                  1         0.0002   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  30        0.0062   
RSA 4069                  1         0.0002   
RSA 4086                  4         0.0008   
RSA 4092                  10        0.0021   
RSA 4096                  16685     3.4432   
RSA 8192                  6         0.0012   
RSA/ECDSA Dual Stack      35        0.0072

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 85670     17.6795  
Unsupported               398903    82.3205  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      30248     6.2422
SSL2 Only                 63        0.013
SSL3                      145442    30.0145
SSL3 Only                 993       0.2049
SSL3 or TLS1 Only         92308     19.0493
SSL3 or lower Only        1029      0.2124
TLS1                      482080    99.4855
TLS1 Only                 53168     10.9721
TLS1 or lower Only        120432    24.8532
TLS1.1                    349742    72.1753
TLS1.1 Only               29        0.006
TLS1.1 or up Only         1151      0.2375
TLS1.2                    360532    74.402
TLS1.2 Only               703       0.1451
TLS1.2, 1.0 but not 1.1   12562     2.5924



Statistics from 501419 chains provided by 668131 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  444722    66.5621
incomplete                28787     4.3086
untrusted                 194622    29.1293

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         466       0.0929
3                         419080    83.5788
4                         81838     16.3213
5                         35        0.007

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 29837     
ECDSA 384                 29837     
RSA 1024                  447       
RSA 2045                  1         
RSA 2048                  932773    
RSA 4096                  91385     

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 29837     5.9505
ECDSA 384                 29837     5.9505
RSA 1024                  443       0.0883
RSA 2045                  1         0.0002
RSA 2048                  470954    93.9242
RSA 4096                  90510     18.0508

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              29837     
sha1WithRSAEncryption          222155    
sha256WithRSAEncryption        174421    
sha384WithRSAEncryption        156409    
sha512WithRSAEncryption        39        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        222398    44.3537
112                       249181    49.6952
128                       29840     5.9511

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 108475    21.6336
(157753a5) AddTrust External CA Root          107019    21.3432
(5ad8a5d6) GlobalSign Root CA                 50472     10.0658
(cbf06781) Go Daddy Root Certificate Authorit 44010     8.7771
(eed8c118) COMODO ECC Certification Authority 29832     5.9495
(b204d74a) VeriSign Class 3 Public Primary Ce 27936     5.5714
(2e4eed3c) thawte Primary Root CA             25416     5.0688
(244b5494) DigiCert High Assurance EV Root CA 24612     4.9085
(653b494a) Baltimore CyberTrust Root          11515     2.2965
(ae8153b9) StartCom Certification Authority   9470      1.8886
(f081611a) The Go Daddy Group, Inc.           8925      1.7799
(b13cc6df) UTN-USERFirst-Hardware             8766      1.7482
(f387163d) Starfield Technologies, Inc.       6944      1.3849
(3513523f) DigiCert Global Root CA            6188      1.2341
(480720ec) GeoTrust Primary Certification Aut 5346      1.0662
(40547a79) COMODO Certification Authority     5333      1.0636

Scan performed between 17th and 29th of April 2015

March 2015 scan results

Update 2015-04-05: the previous version of the scan results was produced with an old version of the script and as such had a few insignificant errors; most importantly, the number of servers which support DH,512bits was reported incorrectly.

The population of TLS-enabled servers has grown again, this time by 2.5%.

Cipher suites

Among the cipher suites supported by servers there are small changes. 3DES grew by 1.6%, AES in general by 2%, and AES-GCM by 2.9%! Camellia remained unchanged. ChaCha20 continues its ups and downs, this time registering at 12.3% (compared to last month’s 5.7%).

Finally, RC4 usage has fallen significantly, by over 10%, to about 65%. So has the number of servers which support only RC4, though just by 0.15%, to 2912 servers. Servers which prefer RC4 over other ciphers have also fallen, by 2.3%, as have servers which prefer RC4 with TLSv1.1 and later (where it was never necessary), by 1.95%.

Servers which use insecure ciphers in general have also fallen, though only by one percent. Looks like most server admins still didn’t get the memo about FREAK…

Server side ordering of ciphersuites has grown by about 1%.

Key exchange

Support for insecure ADH and AECDH remains static, as does support for RSA key exchange.

Support for both key exchanges which provide forward secrecy, i.e. DHE and ECDHE, is still growing, by 1.2% and 1.4% respectively.

While more and more servers support DHE, the preferred key exchange is ECDHE, causing the overall use of DHE to fall by 1.2%. At the same time ECDHE has grown by 1.9%.

Or in other words, while the number of servers that support forward secrecy has grown by just 0.66%, the number of servers which prefer to use ciphersuites with forward secrecy has grown by 0.73%.

ECC curves

NIST P-256 remains the curve of choice for most of the Internet, growing by 1.35% to 65%. The second most popular, NIST P-384, has grown by 0.18% to 8.5%. The rest of the curves have experienced even smaller changes.

Basically all servers which support ECDHE cipher suites still use their own curve ordering.

Hash and signature algorithms

While support for ECDSA signatures has remained relatively unchanged, the RSA side of things shows somewhat more change.

Support for MD5 signatures remains high, at 27.7%, without changes. Support for the SHA-1 hash has grown by just over 1.3%. Support for SHA-224 and SHA-256 has grown a bit too: 0.84% and 1.21% respectively. At the same time, support for the most secure SHA-384 and SHA-512 has grown by 0.84%.

Vulnerabilities

Support for insecure renegotiation remains strong at 5.1%, a fall of just 0.23%.

Similarly, support for compression has shown little change, falling by just 0.14%.

Certificates

Signatures on certificates used by servers have changed again: this time SHA-1 has lost another 3.4%, placing it for the first time below the 50% mark, at 48.2%! At the same time SHA-256 has grown by 3.5%, reaching 46%.

I expect next month’s scan to show SHA-256 finally overtaking SHA-1 in at least end-entity certificates.

Key size and algorithm remain relatively unchanged, with 2048-bit RSA still dominating the market with a 90.8% share.

Protocols

Despite SSLv2 and SSLv3 being insecure, their adoption rate hasn’t fallen significantly. SSLv2 is still at 6.7%, having lost just 0.4%. SSLv3 also remains at a relatively high 31.5%, having lost just 1.9%.

TLSv1.0 dominates the market with support at the level of 99.5%.

Support for TLSv1.1 and TLSv1.2 keeps growing, both gaining about 1%, reaching 70.5% and 72.8% respectively.

Results

SSL/TLS survey of 490866 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      407148    82.9448
3DES Only                 780       0.1589
AES                       473985    96.561
AES Only                  10460     2.1309
AES-CBC                   473911    96.5459
AES-CBC Only              4648      0.9469
AES-GCM                   296424    60.388
AES-GCM Only              18        0.0037
CAMELLIA                  207419    42.2557
CAMELLIA Only             1         0.0002
CHACHA20                  60469     12.3188
CHACHA20 Only             1         0.0002
Insecure                  85185     17.354
RC4                       320737    65.3411
RC4 Only                  2912      0.5932
RC4 Preferred             53442     10.8873
RC4 forced in TLS1.1+     32201     6.56
x:FF 29 RC4 Only          3384      0.6894
x:FF 29 RC4 Preferred     58166     11.8497
x:FF 29 incompatible      132       0.0269
x:FF 35 RC4 Only          7394      1.5063
x:FF 35 RC4 Preferred     58284     11.8737
x:FF 35 incompatible      133       0.0271
y:DHE-RSA-SEED-SHA        108308    22.0647
y:IDEA-CBC-MD5            2768      0.5639
y:IDEA-CBC-SHA            87595     17.845
y:SEED-SHA                105451    21.4826
z:ADH-AES128-GCM-SHA256   422       0.086
z:ADH-AES128-SHA          1103      0.2247
z:ADH-AES128-SHA256       311       0.0634
z:ADH-AES256-GCM-SHA384   433       0.0882
z:ADH-AES256-SHA          1109      0.2259
z:ADH-AES256-SHA256       314       0.064
z:ADH-CAMELLIA128-SHA     560       0.1141
z:ADH-CAMELLIA256-SHA     569       0.1159
z:ADH-DES-CBC-SHA         379       0.0772
z:ADH-DES-CBC3-SHA        1130      0.2302
z:ADH-RC4-MD5             884       0.1801
z:ADH-SEED-SHA            394       0.0803
z:AECDH-AES128-SHA        14471     2.9481
z:AECDH-AES256-SHA        14474     2.9487
z:AECDH-DES-CBC3-SHA      14430     2.9397
z:AECDH-NULL-SHA          29        0.0059
z:AECDH-RC4-SHA           13672     2.7853
z:DES-CBC-MD5             17518     3.5688
z:DES-CBC-SHA             47111     9.5975
z:DES-CBC3-MD5            32625     6.6464
z:ECDHE-RSA-NULL-SHA      35        0.0071
z:EDH-RSA-DES-CBC-SHA     40234     8.1965
z:EXP-ADH-DES-CBC-SHA     303       0.0617
z:EXP-ADH-RC4-MD5         305       0.0621
z:EXP-DES-CBC-SHA         29855     6.0821
z:EXP-EDH-RSA-DES-CBC-SHA 22110     4.5043
z:EXP-RC2-CBC-MD5         34449     7.018
z:EXP-RC4-MD5             37185     7.5754
z:EXP1024-DES-CBC-SHA     8663      1.7648
z:EXP1024-RC4-SHA         8830      1.7989
z:IDEA-CBC-MD5            2768      0.5639
z:NULL-MD5                278       0.0566
z:NULL-SHA                280       0.057
z:NULL-SHA256             11        0.0022
z:RC2-CBC-MD5             17890     3.6446
z:RC4-64-MD5              1436      0.2925

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               139786    28.4774
Server side               351080    71.5226

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1266      0.2579
AECDH                     14497     2.9534
DHE                       268820    54.7644
ECDHE                     320467    65.286
ECDHE and DHE             168192    34.2643
RSA                       456968    93.0942

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,512bits                84        0.0171   0.0312
DH,768bits                763       0.1554   0.2838
DH,1024bits               223064    45.443   82.9786
DH,1536bits               1         0.0002   0.0004
DH,2048bits               42555     8.6694   15.8302
DH,2226bits               1         0.0002   0.0004
DH,2236bits               2         0.0004   0.0007
DH,3072bits               19        0.0039   0.0071
DH,3248bits               2         0.0004   0.0007
DH,4096bits               2364      0.4816   0.8794
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        7         0.0014   0.0022
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,P-224,224bits        50        0.0102   0.0156
ECDH,P-256,256bits        313819    63.9317  97.9255
ECDH,P-384,384bits        3463      0.7055   1.0806
ECDH,B-409,409bits        1         0.0002   0.0003
ECDH,P-521,521bits        4730      0.9636   1.476
ECDH,B-571,570bits        750       0.1528   0.234
Prefer DH,512bits         3         0.0006   0.0011
Prefer DH,768bits         432       0.088    0.1607
Prefer DH,1024bits        95849     19.5265  35.6553
Prefer DH,2048bits        3048      0.6209   1.1338
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,3072bits        1         0.0002   0.0004
Prefer DH,4096bits        92        0.0187   0.0342
Prefer ECDH,B-163,163bits 7         0.0014   0.0022
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 17        0.0035   0.0053
Prefer ECDH,P-256,256bits 259052    52.7745  80.8358
Prefer ECDH,P-384,384bits 2751      0.5604   0.8584
Prefer ECDH,P-521,521bits 4403      0.897    1.3739
Prefer ECDH,B-571,570bits 550       0.112    0.1716
Prefer PFS                366207    74.6043  0
Support PFS               421095    85.7861  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           106       0.0216   
brainpoolP384r1           106       0.0216   
brainpoolP512r1           106       0.0216   
prime192v1                762       0.1552   
prime256v1                319803    65.1508  
prime256v1 Only           277852    56.6045  
secp160k1                 729       0.1485   
secp160r1                 730       0.1487   
secp160r2                 728       0.1483   
secp192k1                 751       0.153    
secp224k1                 785       0.1599   
secp224r1                 1393      0.2838   
secp224r1 Only            1         0.0002   
secp256k1                 799       0.1628   
secp384r1                 42156     8.5881   
secp384r1 Only            204       0.0416   
secp521r1                 10564     2.1521   
secp521r1 Only            85        0.0173   
sect163k1                 734       0.1495   
sect163k1 Only            1         0.0002   
sect163r1                 733       0.1493   
sect163r2                 740       0.1508   
sect163r2 Only            7         0.0014   
sect193r1                 732       0.1491   
sect193r2                 732       0.1491   
sect233k1                 780       0.1589   
sect233r1                 780       0.1589   
sect239k1                 779       0.1587   
sect283k1                 779       0.1587   
sect283r1                 778       0.1585   
sect409k1                 777       0.1583   
sect409r1                 777       0.1583   
sect571k1                 791       0.1611   
sect571r1                 791       0.1611   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          79157     16.126   
True                           201745    41.0998  
order-specific                 13        0.0026   
unknown                        209951    42.7716  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    1847      0.3763   
inconclusive-noecc        28        0.0057   
server                    318249    64.8342  
unknown                   170742    34.7838  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     27988     5.7018   
ECDSA-SHA1 Only                1         0.0002   
ECDSA-SHA224                   27987     5.7016   
ECDSA-SHA256                   27989     5.702    
ECDSA-SHA384                   27991     5.7024   
ECDSA-SHA512                   27993     5.7028   
ECDSA-SHA512 Only              2         0.0004   
RSA-MD5                        136241    27.7552  
RSA-SHA1                       288779    58.8305  
RSA-SHA1 Only                  44445     9.0544   
RSA-SHA224                     234597    47.7925  
RSA-SHA256                     247885    50.4995  
RSA-SHA256 Only                3147      0.6411   
RSA-SHA384                     235034    47.8815  
RSA-SHA512                     235096    47.8941  
RSA-SHA512 Only                58        0.0118   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         213446    43.4836  
indeterminate                  11        0.0022   
intolerant                     1648      0.3357   
order-fallback                 40        0.0081   
server                         105410    21.4743  
unsupported                    36763     7.4894   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     27982     5.7005   
ECDSA intolerant               14        0.0029   
ECDSA pfs-rsa-SHA512           1         0.0002   
RSA False                      134610    27.423   
RSA SHA1                       133281    27.1522  
RSA intolerant                 23009     4.6874   
RSA pfs-ecdsa-SHA512           2         0.0004   
RSA soft-nopfs                 1784      0.3634   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     9310      1.8966   
insecure                  25318     5.1578   
secure                    456238    92.9455  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      14829     3.021    
False                     9310      1.8966   
NONE                      466727    95.0824  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        6         0.0012   
10 only                   6         0.0012   
15                        5         0.001    
15 only                   5         0.001    
30                        6         0.0012   
30 only                   6         0.0012   
60                        80        0.0163   
60 only                   76        0.0155   
65                        1         0.0002   
65 only                   1         0.0002   
70                        6         0.0012   
75                        1         0.0002   
75 only                   1         0.0002   
100                       13        0.0026   
100 only                  13        0.0026   
120                       28        0.0057   
120 only                  28        0.0057   
128                       2         0.0004   
128 only                  2         0.0004   
180                       47        0.0096   
180 only                  45        0.0092   
240                       8         0.0016   
240 only                  8         0.0016   
256                       1         0.0002   
256 only                  1         0.0002   
300                       208001    42.3743  
300 only                  200049    40.7543  
360                       1         0.0002   
400                       5         0.001    
400 only                  5         0.001    
420                       109       0.0222   
420 only                  55        0.0112   
480                       13        0.0026   
480 only                  13        0.0026   
500                       4         0.0008   
500 only                  4         0.0008   
600                       14341     2.9216   
600 only                  14057     2.8637   
660                       1         0.0002   
660 only                  1         0.0002   
720                       1         0.0002   
720 only                  1         0.0002   
900                       521       0.1061   
900 only                  504       0.1027   
960                       2         0.0004   
960 only                  2         0.0004   
1200                      322       0.0656   
1200 only                 318       0.0648   
1440                      1         0.0002   
1440 only                 1         0.0002   
1500                      12        0.0024   
1500 only                 11        0.0022   
1800                      349       0.0711   
1800 only                 339       0.0691   
2400                      7         0.0014   
2400 only                 7         0.0014   
2700                      7         0.0014   
2700 only                 7         0.0014   
3000                      12        0.0024   
3000 only                 12        0.0024   
3600                      397       0.0809   
3600 only                 377       0.0768   
4200                      1         0.0002   
5400                      14        0.0029   
5400 only                 2         0.0004   
6000                      3         0.0006   
6000 only                 3         0.0006   
7200                      14219     2.8967   
7200 only                 13909     2.8336   
10800                     2158      0.4396   
10800 only                2153      0.4386   
14400                     1534      0.3125   
14400 only                1529      0.3115   
18000                     2         0.0004   
18000 only                2         0.0004   
21600                     5398      1.0997   
21600 only                5398      1.0997   
28800                     13        0.0026   
28800 only                12        0.0024   
36000                     1015      0.2068   
36000 only                1008      0.2054   
43200                     25        0.0051   
43200 only                21        0.0043   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     46186     9.4091   
64800 only                46179     9.4077   
72000                     6         0.0012   
72000 only                6         0.0012   
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     29        0.0059   
86000 only                29        0.0059   
86400                     271       0.0552   
86400 only                270       0.055    
100800                    13929     2.8376   
100800 only               13929     2.8376   
129600                    10        0.002    
129600 only               10        0.002    
172800                    1         0.0002   
172800 only               1         0.0002   
216000                    1         0.0002   
216000 only               1         0.0002   
432000                    1         0.0002   
432000 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    5         0.001    
864000 only               5         0.001    
None                      190434    38.7955  
None only                 181732    37.0227  

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      15465     3.1506   
ecdsa-with-SHA256         27974     5.6989   
sha1WithRSAEncryption     236900    48.2616  
sha256WithRSAEncryption   226070    46.0553  
sha512WithRSAEncryption   10        0.002    

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 27993     5.7028   
ECDSA 384                 6         0.0012   
RSA 1024                  369       0.0752   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  445922    90.8439  
RSA 2049                  3         0.0006   
RSA 2056                  3         0.0006   
RSA 2058                  3         0.0006   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  13        0.0026   
RSA 2096                  1         0.0002   
RSA 2345                  1         0.0002   
RSA 2408                  2         0.0004   
RSA 2432                  7         0.0014   
RSA 2612                  2         0.0004   
RSA 3024                  1         0.0002   
RSA 3072                  88        0.0179   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 3600                  1         0.0002   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  23        0.0047   
RSA 4069                  1         0.0002   
RSA 4086                  2         0.0004   
RSA 4092                  9         0.0018   
RSA 4096                  16428     3.3467   
RSA 4098                  1         0.0002   
RSA 8192                  4         0.0008   
RSA 10240                 7         0.0014   
RSA/ECDSA Dual Stack      30        0.0061

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 84875     17.2909  
Unsupported               405991    82.7091  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      32906     6.7037
SSL2 Only                 70        0.0143
SSL3                      154674    31.5104
SSL3 Only                 1232      0.251
SSL3 or TLS1 Only         99145     20.198
SSL3 or lower Only        1271      0.2589
TLS1                      488375    99.4925
TLS1 Only                 56239     11.4571
TLS1 or lower Only        129642    26.4109
TLS1.1                    346511    70.5918
TLS1.1 Only               7         0.0014
TLS1.1 or up Only         883       0.1799
TLS1.2                    357304    72.7905
TLS1.2 Only               578       0.1178
TLS1.2, 1.0 but not 1.1   12762     2.5999




Statistics from 520507 chains provided by 672015 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  460603    68.5406
incomplete                28832     4.2904
untrusted                 182580    27.169

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1205      0.2315
3                         443210    85.1497
4                         76056     14.6119
5                         36        0.0069

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 27857     
ECDSA 384                 27857     
RSA 1024                  1171      
RSA 2045                  1         
RSA 2048                  973503    
RSA 4096                  85548     

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 27857     5.3519
ECDSA 384                 27857     5.3519
RSA 1024                  1167      0.2242
RSA 2045                  1         0.0002
RSA 2048                  491325    94.3935
RSA 4096                  84807     16.2932

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              27857     
sha1WithRSAEncryption          262841    
sha256WithRSAEncryption        159502    
sha384WithRSAEncryption        145194    
sha512WithRSAEncryption        36        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        262927    50.5136
112                       229721    44.1341
128                       27859     5.3523

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 115769    22.2416
(157753a5) AddTrust External CA Root          107315    20.6174
(5ad8a5d6) GlobalSign Root CA                 53007     10.1837
(cbf06781) Go Daddy Root Certificate Authorit 45510     8.7434
(b204d74a) VeriSign Class 3 Public Primary Ce 29396     5.6476
(eed8c118) COMODO ECC Certification Authority 27851     5.3507
(2e4eed3c) thawte Primary Root CA             26160     5.0259
(244b5494) DigiCert High Assurance EV Root CA 25614     4.921
(653b494a) Baltimore CyberTrust Root          11786     2.2643
(f081611a) The Go Daddy Group, Inc.           10796     2.0741
(b13cc6df) UTN-USERFirst-Hardware             9685      1.8607
(ae8153b9) StartCom Certification Authority   9557      1.8361
(f387163d) Starfield Technologies, Inc.       7849      1.508
(40547a79) COMODO Certification Authority     6860      1.3179
(3513523f) DigiCert Global Root CA            6032      1.1589
(480720ec) GeoTrust Primary Certification Aut 5231      1.005

Scan performed between 16th and 27th of March 2015.

February 2015 scan results

This month the number of HTTP servers with a trusted certificate has grown again,
this time by just under 2%.

Cipher suites that use 3DES or AES have essentially retained their market share,
with a slight increase in 3DES and AES-GCM use. The share of servers which support
just RC4 or prefer RC4 over other ciphers has also remained unchanged, as has the
use of completely insecure export grade and 54 bit ciphers.

Server side cipher ordering also didn’t change by much, though it has risen.

Support for cipher suites that provide forward secrecy has also seen only
insignificant changes. Preference for DHE has remained the same, while preference
for ECDHE has risen only very slightly. That is a bit surprising, as support for
both ECDHE and DHE has risen by more than a percent. Nearly all of this change is
attributed to support for the P-256 curve and 2048 bit finite-field DHE.

Similarly, support for server side curve ordering or chosen signature algorithms
essentially remained the same.

The only measurement that changed by more than 1% is the signature algorithm
on server certificates, with SHA-1 losing another 3.8% and SHA-256 gaining the
same amount. The key sizes in use haven’t changed, though.

SSLv3 support still remains high, with 33% of surveyed servers still supporting
this insecure protocol. The good news is that only 0.33% of all servers scanned
support just SSLv3 or SSLv2, so browsers and users are safe to disable this
protocol without fear of interoperability issues.
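
The month-over-month comparison in the commentary above can be reproduced directly from the raw tables. The Python below is an added example, not the survey's own tooling: it parses the two-column table layout used on this page, checks each printed percentage against count / total, and lists shares that moved by at least one percentage point. The rows are a subset copied from the January and February 2015 "Supported Ciphers" tables, and the function names are illustrative.

```python
"""Diff two months of the survey's "Supported Ciphers" tables."""
import re

# Subset of rows copied from this page's January 2015 results.
JAN_2015 = """\
SSL/TLS survey of 468782 websites from Alexa's top 1 million

Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      379700    80.9971
AES                       441928    94.2715
AES-GCM                   266888    56.9322
CHACHA20                  14394     3.0705
Insecure                  88248     18.825
RC4                       377778    80.5871
RC4 Only                  3712      0.7918
RC4 Preferred             64613     13.7832
RC4 forced in TLS1.1+     41031     8.7527
"""

# Subset of rows copied from this page's February 2015 results.
FEB_2015 = """\
SSL/TLS survey of 478847 websites from Alexa's top 1 million

Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      389395    81.3193
AES                       452703    94.5402
AES-GCM                   275395    57.5121
CHACHA20                  27231     5.6868
Insecure                  88014     18.3804
RC4                       362499    75.7025
RC4 Only                  3578      0.7472
RC4 Preferred             63514     13.2639
RC4 forced in TLS1.1+     40750     8.51
"""

SURVEY_RE = re.compile(r"^SSL/TLS survey of (\d+) websites")


def parse_report(text):
    """Return (total_sites, {label: (count, printed_percent)})."""
    total, rows = None, {}
    for line in text.splitlines():
        m = SURVEY_RE.match(line)
        if m:
            total = int(m.group(1))
            continue
        # Labels contain spaces ("RC4 forced in TLS1.1+"), so split from the right.
        parts = line.rsplit(None, 2)
        if len(parts) != 3 or not parts[1].isdigit():
            continue  # header, separator or blank line
        try:
            rows[parts[0]] = (int(parts[1]), float(parts[2]))
        except ValueError:
            continue
    if total is None:
        raise ValueError("no 'SSL/TLS survey of N websites' line found")
    return total, rows


def inconsistent_rows(total, rows, tolerance=1e-4):
    """Rows whose printed percentage disagrees with count / total."""
    bad = []
    for label, (count, printed) in rows.items():
        recomputed = 100.0 * count / total
        if abs(recomputed - printed) >= tolerance:
            bad.append((label, printed, round(recomputed, 4)))
    return bad


def share_changes(old_report, new_report, threshold=1.0):
    """Percentage-point changes of at least `threshold`, largest first."""
    old_total, old_rows = parse_report(old_report)
    new_total, new_rows = parse_report(new_report)
    changes = []
    for label in old_rows.keys() & new_rows.keys():
        old_pct = 100.0 * old_rows[label][0] / old_total
        new_pct = 100.0 * new_rows[label][0] / new_total
        if abs(new_pct - old_pct) >= threshold:
            changes.append((label, round(new_pct - old_pct, 2)))
    return sorted(changes, key=lambda c: abs(c[1]), reverse=True)


if __name__ == "__main__":
    for name, report in (("January", JAN_2015), ("February", FEB_2015)):
        print(name, "inconsistent rows:", inconsistent_rows(*parse_report(report)))
    for label, delta in share_changes(JAN_2015, FEB_2015):
        print(f"{label:<26}{delta:+.2f} points")
```

Recomputing from counts rather than subtracting the printed percentages keeps the comparison valid even though the number of surveyed sites differs between scans.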

SSL/TLS survey of 478847 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      389395    81.3193
3DES Only                 446       0.0931
AES                       452703    94.5402
AES Only                  7959      1.6621
AES-CBC Only              4111      0.8585
AES-GCM                   275395    57.5121
AES-GCM Only              21        0.0044
CAMELLIA                  201517    42.0838
CAMELLIA Only             1         0.0002
CHACHA20                  27231     5.6868
Insecure                  88014     18.3804
RC4                       362499    75.7025
RC4 Only                  3578      0.7472
RC4 Preferred             63514     13.2639
RC4 forced in TLS1.1+     40750     8.51
x:FF 29 RC4 Only          545       0.1138
x:FF 29 RC4 Preferred     68531     14.3117
x:FF 29 incompatible      135       0.0282
y:DHE-RSA-SEED-SHA        106333    22.206
y:IDEA-CBC-MD5            2911      0.6079
y:IDEA-CBC-SHA            85651     17.8869
y:SEED-SHA                103273    21.567
z:ADH-AES128-GCM-SHA256   352       0.0735
z:ADH-AES128-SHA          983       0.2053
z:ADH-AES128-SHA256       278       0.0581
z:ADH-AES256-GCM-SHA384   367       0.0766
z:ADH-AES256-SHA          995       0.2078
z:ADH-AES256-SHA256       282       0.0589
z:ADH-CAMELLIA128-SHA     440       0.0919
z:ADH-CAMELLIA256-SHA     449       0.0938
z:ADH-DES-CBC-SHA         378       0.0789
z:ADH-DES-CBC3-SHA        1011      0.2111
z:ADH-RC4-MD5             787       0.1644
z:ADH-SEED-SHA            293       0.0612
z:AECDH-AES128-SHA        14530     3.0344
z:AECDH-AES256-SHA        14530     3.0344
z:AECDH-DES-CBC3-SHA      14487     3.0254
z:AECDH-NULL-SHA          38        0.0079
z:AECDH-RC4-SHA           13507     2.8207
z:DES-CBC-MD5             18469     3.857
z:DES-CBC-SHA             49506     10.3386
z:DES-CBC3-MD5            33718     7.0415
z:ECDHE-RSA-NULL-SHA      43        0.009
z:EDH-RSA-DES-CBC-SHA     42281     8.8298
z:EXP-ADH-DES-CBC-SHA     302       0.0631
z:EXP-ADH-RC4-MD5         306       0.0639
z:EXP-DES-CBC-SHA         35244     7.3602
z:EXP-EDH-RSA-DES-CBC-SHA 24614     5.1403
z:EXP-RC2-CBC-MD5         40047     8.3632
z:EXP-RC4-MD5             42873     8.9534
z:EXP1024-DES-CBC-SHA     9396      1.9622
z:EXP1024-RC4-SHA         9557      1.9958
z:NULL-MD5                292       0.061
z:NULL-SHA                292       0.061
z:NULL-SHA256             12        0.0025
z:RC2-CBC-MD5             18829     3.9322
z:RC4-64-MD5              1529      0.3193

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               141265    29.5011
Server side               337582    70.4989

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1120      0.2339
AECDH                     14557     3.04
DHE                       256190    53.5014
ECDHE                     305994    63.9022
ECDHE and DHE             154553    32.2761
RSA                       446580    93.2615

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               214103    44.7122  83.572
DH,1536bits               1         0.0002   0.0004
DH,2048bits               39131     8.1719   15.2742
DH,2226bits               1         0.0002   0.0004
DH,2236bits               1         0.0002   0.0004
DH,3072bits               19        0.004    0.0074
DH,3248bits               2         0.0004   0.0008
DH,4094bits               1         0.0002   0.0004
DH,4096bits               2115      0.4417   0.8256
DH,512bits                87        0.0182   0.034
DH,768bits                759       0.1585   0.2963
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        7         0.0015   0.0023
ECDH,B-571,570bits        707       0.1476   0.2311
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,P-224,224bits        51        0.0107   0.0167
ECDH,P-256,256bits        299807    62.6102  97.9781
ECDH,P-384,384bits        3156      0.6591   1.0314
ECDH,P-521,521bits        4454      0.9302   1.4556
Prefer DH,1024bits        99375     20.753   38.7896
Prefer DH,2048bits        2882      0.6019   1.1249
Prefer DH,2236bits        1         0.0002   0.0004
Prefer DH,4096bits        90        0.0188   0.0351
Prefer DH,512bits         3         0.0006   0.0012
Prefer DH,768bits         420       0.0877   0.1639
Prefer ECDH,B-163,163bits 7         0.0015   0.0023
Prefer ECDH,B-571,570bits 521       0.1088   0.1703
Prefer ECDH,K-163,163bits 1         0.0002   0.0003
Prefer ECDH,P-224,224bits 18        0.0038   0.0059
Prefer ECDH,P-256,256bits 243201    50.7889  79.479
Prefer ECDH,P-384,384bits 3079      0.643    1.0062
Prefer ECDH,P-521,521bits 4146      0.8658   1.3549
Prefer PFS                353744    73.8741  0
Support PFS               407631    85.1276  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           77        0.0161   
brainpoolP384r1           77        0.0161   
brainpoolP512r1           77        0.0161   
prime192v1                721       0.1506   
prime256v1                305466    63.792   
prime256v1 Only           265378    55.4202  
secp160k1                 689       0.1439   
secp160r1                 688       0.1437   
secp160r2                 688       0.1437   
secp192k1                 716       0.1495   
secp224k1                 747       0.156    
secp224r1                 1221      0.255    
secp224r1 Only            1         0.0002   
secp256k1                 766       0.16     
secp384r1                 40252     8.406    
secp384r1 Only            166       0.0347   
secp521r1                 9985      2.0852   
secp521r1 Only            86        0.018    
sect163k1                 688       0.1437   
sect163r1                 688       0.1437   
sect163r2                 695       0.1451   
sect163r2 Only            7         0.0015   
sect193r1                 688       0.1437   
sect193r2                 688       0.1437   
sect233k1                 738       0.1541   
sect233r1                 738       0.1541   
sect239k1                 737       0.1539   
sect283k1                 737       0.1539   
sect283r1                 737       0.1539   
sect409k1                 737       0.1539   
sect409r1                 737       0.1539   
sect571k1                 756       0.1579   
sect571r1                 756       0.1579   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          75947     15.8604  
True                           188432    39.3512  
order-specific                 12        0.0025   
unknown                        214456    44.7859  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    1661      0.3469   
inconclusive-noecc        4         0.0008   
server                    304074    63.5013  
unknown                   173108    36.151   

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     27872     5.8206   
ECDSA-SHA224                   27873     5.8209   
ECDSA-SHA256                   27873     5.8209   
ECDSA-SHA384                   27874     5.8211   
ECDSA-SHA512                   27874     5.8211   
RSA-MD5                        132832    27.74    
RSA-MD5 Only                   1         0.0002   
RSA-SHA1                       275469    57.5276  
RSA-SHA1 Only                  42560     8.888    
RSA-SHA224                     224806    46.9474  
RSA-SHA256                     235988    49.2825  
RSA-SHA256 Only                2701      0.5641   
RSA-SHA384                     225210    47.0317  
RSA-SHA512                     225254    47.0409  
RSA-SHA512 Only                39        0.0081   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         206251    43.0724  
indeterminate                  7         0.0015   
intolerant                     1409      0.2942   
order-fallback                 2         0.0004   
server                         98943     20.6628  
unsupported                    37273     7.7839   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     27871     5.8204   
ECDSA intolerant               4         0.0008   
ECDSA pfs-rsa-SHA512           1         0.0002   
RSA False                      131264    27.4125  
RSA SHA1                       125024    26.1094  
RSA intolerant                 20874     4.3592   
RSA pfs-ecdsa-SHA512           1         0.0002   
RSA soft-nopfs                 1609      0.336    

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     9764      2.0391   
insecure                  25819     5.3919   
secure                    443264    92.569   

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      15459     3.2284   
False                     9764      2.0391   
NONE                      453624    94.7326  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        4         0.0008   
10 only                   4         0.0008   
15                        8         0.0017   
15 only                   8         0.0017   
30                        10        0.0021   
30 only                   10        0.0021   
60                        71        0.0148   
60 only                   64        0.0134   
65                        1         0.0002   
65 only                   1         0.0002   
70                        4         0.0008   
75                        1         0.0002   
75 only                   1         0.0002   
100                       11        0.0023   
100 only                  11        0.0023   
120                       24        0.005    
120 only                  23        0.0048   
128                       3         0.0006   
128 only                  3         0.0006   
180                       47        0.0098   
180 only                  45        0.0094   
240                       11        0.0023   
240 only                  11        0.0023   
300                       201017    41.9794  
300 only                  192323    40.1638  
360                       2         0.0004   
360 only                  1         0.0002   
400                       4         0.0008   
400 only                  4         0.0008   
420                       37        0.0077   
420 only                  26        0.0054   
480                       16        0.0033   
480 only                  14        0.0029   
500                       4         0.0008   
500 only                  4         0.0008   
600                       14965     3.1252   
600 only                  14676     3.0649   
720                       1         0.0002   
720 only                  1         0.0002   
840                       1         0.0002   
840 only                  1         0.0002   
900                       520       0.1086   
900 only                  500       0.1044   
960                       2         0.0004   
960 only                  2         0.0004   
1000                      1         0.0002   
1000 only                 1         0.0002   
1200                      286       0.0597   
1200 only                 283       0.0591   
1500                      9         0.0019   
1500 only                 8         0.0017   
1800                      343       0.0716   
1800 only                 334       0.0698   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      2         0.0004   
2400 only                 2         0.0004   
2700                      5         0.001    
2700 only                 5         0.001    
3000                      11        0.0023   
3000 only                 11        0.0023   
3600                      329       0.0687   
3600 only                 312       0.0652   
5400                      10        0.0021   
6000                      3         0.0006   
6000 only                 3         0.0006   
7200                      14085     2.9414   
7200 only                 11423     2.3855   
10800                     1006      0.2101   
10800 only                1001      0.209    
14400                     1416      0.2957   
14400 only                1415      0.2955   
18000                     1         0.0002   
18000 only                1         0.0002   
21600                     4976      1.0392   
21600 only                4973      1.0385   
28800                     12        0.0025   
28800 only                11        0.0023   
36000                     980       0.2047   
36000 only                975       0.2036   
43200                     101       0.0211   
43200 only                101       0.0211   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     45713     9.5465   
64800 only                45710     9.5458   
72000                     8         0.0017   
72000 only                8         0.0017   
86000                     28        0.0058   
86000 only                28        0.0058   
86400                     225       0.047    
86400 only                224       0.0468   
93600                     1         0.0002   
93600 only                1         0.0002   
100800                    12805     2.6741   
100800 only               12805     2.6741   
129600                    8         0.0017   
129600 only               8         0.0017   
172800                    1         0.0002   
172800 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    3         0.0006   
864000 only               3         0.0006   
None                      191458    39.9831  
None only                 179709    37.5295  

Certificate sig alg       Count     Percent
-------------------------+---------+--------
None                      15481     3.233    
ecdsa-with-SHA256         27852     5.8165   
sha1WithRSAEncryption     247414    51.6687  
sha256WithRSAEncryption   203665    42.5324  
sha512WithRSAEncryption   10        0.0021   

Certificate key size      Count     Percent
-------------------------+---------+--------
ECDSA 256                 27873     5.8209   
ECDSA 384                 4         0.0008   
RSA 1024                  586       0.1224   
RSA 10240                 4         0.0008   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  434653    90.7707  
RSA 2049                  2         0.0004   
RSA 2056                  3         0.0006   
RSA 2058                  4         0.0008   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  14        0.0029   
RSA 2096                  1         0.0002   
RSA 2408                  3         0.0006   
RSA 2432                  5         0.001    
RSA 2612                  1         0.0002   
RSA 3072                  81        0.0169   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 3600                  1         0.0002   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  32        0.0067   
RSA 4069                  1         0.0002   
RSA 4086                  2         0.0004   
RSA 4092                  2         0.0004   
RSA 4096                  15597     3.2572   
RSA 4098                  2         0.0004   
RSA 8192                  4         0.0008   
RSA/ECDSA Dual Stack      30        0.0063

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 79626     16.6287  
Unsupported               399221    83.3713  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      34004     7.1012
SSL2 Only                 83        0.0173
SSL3                      160049    33.4238
SSL3 Only                 1554      0.3245
SSL3 or TLS1 Only         99562     20.792
SSL3 or lower Only        1597      0.3335
TLS1                      476217    99.4508
TLS1 Only                 53875     11.251
TLS1 or lower Only        130773    27.31
TLS1.1                    333272    69.5988
TLS1.1 Only               6         0.0013
TLS1.1 or up Only         690       0.1441
TLS1.2                    343871    71.8123
TLS1.2 Only               495       0.1034
TLS1.2, 1.0 but not 1.1   12594     2.6301

Statistics from 506677 chains provided by 663743 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  445855    67.1728
incomplete                28915     4.3564
untrusted                 188973    28.4708


Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1250      0.2467
3                         435699    85.9915
4                         69697     13.7557
5                         31        0.0061

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 27724     
ECDSA 384                 27724     
RSA 1024                  1237      
RSA 2045                  1         
RSA 2048                  945864    
RSA 4096                  79313     

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 27724     5.4717
ECDSA 384                 27724     5.4717
RSA 1024                  1233      0.2434
RSA 2045                  1         0.0002
RSA 2048                  477582    94.2577
RSA 4096                  78697     15.532

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              27724     
sha1WithRSAEncryption          272982    
sha256WithRSAEncryption        141436    
sha384WithRSAEncryption        133014    
sha512WithRSAEncryption        30        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        273108    53.9018
112                       205843    40.6261
128                       27726     5.4721

Root CAs                                      Count     Percent
---------------------------------------------+---------+-------
(2c543cd1) GeoTrust Global CA                 112003    22.1054
(157753a5) AddTrust External CA Root          103054    20.3392
(5ad8a5d6) GlobalSign Root CA                 51402     10.1449
(cbf06781) Go Daddy Root Certificate Authorit 42982     8.4831
(b204d74a) VeriSign Class 3 Public Primary Ce 29072     5.7378
(eed8c118) COMODO ECC Certification Authority 27720     5.4709
(2e4eed3c) thawte Primary Root CA             26917     5.3125
(244b5494) DigiCert High Assurance EV Root CA 23747     4.6868
(653b494a) Baltimore CyberTrust Root          11804     2.3297
(f081611a) The Go Daddy Group, Inc.           11749     2.3188
(b13cc6df) UTN-USERFirst-Hardware             9836      1.9413
(ae8153b9) StartCom Certification Authority   9546      1.884
(f387163d) Starfield Technologies, Inc.       8019      1.5827
(40547a79) COMODO Certification Authority     6997      1.381
(3513523f) DigiCert Global Root CA            5757      1.1362


Scan performed between 19th and 27th of February 2015.

January 2015 scan results

This time we have reached a few milestones. First of all, we’re very close to half (46.8%) of the servers in Alexa top 1 million supporting TLS with valid certificates. Over half of the servers support and prefer NIST P-256 ECDHE key exchange, and just under half of the servers have certificates signed with SHA-256.

Ciphers

3DES ciphers have suffered a significant drop of 3.7%; at the same time AES is on the road to completely dominating the market, up by 0.3% to 94.2%. AES in Galois/Counter Mode has increased more significantly, by 3.8% to 56.9%. Camellia has gained 2.7% while ChaCha20 has remained in place.

Completely insecure ciphers have lost 2%, down to a level of 18.8%: still high, but at least going in the right direction.

RC4 still remains the 3rd most popular cipher, at 80.5%, despite losing 1.3% share. While servers that support only RC4 ciphers lost only 0.07%, that places them at an all time low of 0.79% (3712 servers). Still, a large part (13.8%) of servers prefer RC4 even if the client supports better ciphers, a drop of only 1.4%. A significant number of servers also force RC4 in TLS1.1 or TLS1.2: 8.75% (drop of 0.7%).

Server side ordering has increased by 2.5% to 70%.

Key exchange

Support for ECDHE key exchange has jumped by nearly 4% to 62.7%. That bumped support for ECDHE with the NIST P-256 curve by over 4.1% to 50%! Unfortunately other PFS key exchanges have decreased, so in the end the total has grown by 2.3% to 73.8%.

Of the other types, servers that prefer 1024 bit finite-field DHE have lost 1.8%, which brings them down to 20.8% of the total.

ECC curves

In line with the changes to key exchange, support for the NIST P-256 curve has grown by just under 4%, all of which went to servers that support just this one curve. Other curves have shown little to no change.

Similarly, all those servers don’t fall back to a different cipher when the client doesn’t support this NIST curve, and they use server side curve ordering, bringing those two groups to 15.9% and 62.3% respectively.

Hash and signature algorithms

A significant portion of the new servers also support the MD5 algorithm when paired with RSA – it has increased by 3.2% to a total of 27.5%. SHA1-RSA increased by 3.6 to 56.3%, SHA2-RSA on average increased by 3.3%.

Client side ordering of hash and signature algorithms has unfortunately increased by the same 3.2% to 42.8%.

Vulnerabilities

Unfortunately, a rather big portion of servers is still vulnerable to the renegotiation vulnerability and to CRIME; these have decreased by 0.5% and 0.44% respectively.

Certificates

By far the largest changes seen are related to certificates used by servers. End entity certificates signed by SHA-1 have dropped by over 7.2% to 55.4%. The increase was mostly visible at SHA-256 with RSA, which increased by 7%. Certificates signed with SHA-256 ECDSA increased by 0.19%.

While signature algorithms have changed significantly, the key sizes did not. 2048 bit RSA is still at 90.6%.

Protocols

Obsolete protocols are still supported by a significant portion of the servers, with SSLv2 falling by just 0.88% to 7.2% and SSLv3 falling by 4.7% to 35%. I’d rather see both of them below 1%.

The good news is that the vast majority of servers support also newer protocols and just 0.3% of servers require SSLv3 or SSLv2 to connect. Also TLSv1.2 has increased by 3% bringing it up to 71%, but still rather far from the 99.5% of TLSv1.0.

Results

SSL/TLS survey of 468782 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate installed)


Supported Ciphers         Count     Percent
-------------------------+---------+-------
3DES                      379700    80.9971
3DES Only                 439       0.0936
AES                       441928    94.2715
AES Only                  7037      1.5011
AES-CBC Only              4003      0.8539
AES-GCM                   266888    56.9322
AES-GCM Only              20        0.0043
CAMELLIA                  194963    41.5893
CAMELLIA Only             1         0.0002
CHACHA20                  14394     3.0705
Insecure                  88248     18.825
RC4                       377778    80.5871
RC4 Only                  3712      0.7918
RC4 Preferred             64613     13.7832
RC4 forced in TLS1.1+     41031     8.7527
x:FF 29 RC4 Only          541       0.1154
x:FF 29 RC4 Preferred     70622     15.065
x:FF 29 incompatible      136       0.029
y:DHE-RSA-SEED-SHA        103049    21.9823
y:IDEA-CBC-MD5            2923      0.6235
y:IDEA-CBC-SHA            85417     18.221
y:SEED-SHA                102704    21.9087
z:ADH-AES128-GCM-SHA256   340       0.0725
z:ADH-AES128-SHA          968       0.2065
z:ADH-AES128-SHA256       284       0.0606
z:ADH-AES256-GCM-SHA384   346       0.0738
z:ADH-AES256-SHA          980       0.2091
z:ADH-AES256-SHA256       285       0.0608
z:ADH-CAMELLIA128-SHA     426       0.0909
z:ADH-CAMELLIA256-SHA     435       0.0928
z:ADH-DES-CBC-SHA         374       0.0798
z:ADH-DES-CBC3-SHA        995       0.2123
z:ADH-RC4-MD5             771       0.1645
z:ADH-SEED-SHA            281       0.0599
z:AECDH-AES128-SHA        14166     3.0219
z:AECDH-AES256-SHA        14171     3.0229
z:AECDH-DES-CBC3-SHA      14128     3.0138
z:AECDH-NULL-SHA          30        0.0064
z:AECDH-RC4-SHA           13177     2.8109
z:DES-CBC-MD5             18509     3.9483
z:DES-CBC-SHA             50349     10.7404
z:DES-CBC3-MD5            33636     7.1752
z:ECDHE-RSA-NULL-SHA      36        0.0077
z:EDH-RSA-DES-CBC-SHA     42662     9.1006
z:EXP-ADH-DES-CBC-SHA     304       0.0648
z:EXP-ADH-RC4-MD5         307       0.0655
z:EXP-DES-CBC-SHA         35818     7.6407
z:EXP-EDH-RSA-DES-CBC-SHA 25232     5.3825
z:EXP-RC2-CBC-MD5         40481     8.6354
z:EXP-RC4-MD5             43298     9.2363
z:EXP1024-DES-CBC-SHA     9341      1.9926
z:EXP1024-RC4-SHA         9490      2.0244
z:NULL-MD5                272       0.058
z:NULL-SHA                271       0.0578
z:NULL-SHA256             10        0.0021
z:RC2-CBC-MD5             18871     4.0255
z:RC4-64-MD5              1585      0.3381

Cipher ordering           Count     Percent
-------------------------+---------+-------
Client side               140561    29.9843
Server side               328221    70.0157

Supported Handshakes      Count     Percent
-------------------------+---------+-------
ADH                       1076      0.2295
AECDH                     14190     3.027
DHE                       245202    52.3062
ECDHE                     294046    62.7255
ECDHE and DHE             143454    30.6014
RSA                       437715    93.3728

Supported PFS             Count     Percent  PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits               214522    45.7616  87.4879
DH,1536bits               1         0.0002   0.0004
DH,2048bits               28062     5.9862   11.4444
DH,2226bits               1         0.0002   0.0004
DH,2236bits               3         0.0006   0.0012
DH,3072bits               12        0.0026   0.0049
DH,3248bits               2         0.0004   0.0008
DH,4096bits               1773      0.3782   0.7231
DH,512bits                25325     5.4023   10.3282
DH,768bits                754       0.1608   0.3075
DH,8192bits               1         0.0002   0.0004
ECDH,B-163,163bits        7         0.0015   0.0024
ECDH,B-571,570bits        635       0.1355   0.216
ECDH,K-163,163bits        1         0.0002   0.0003
ECDH,P-224,224bits        47        0.01     0.016
ECDH,P-256,256bits        288396    61.5203  98.0785
ECDH,P-384,384bits        1689      0.3603   0.5744
ECDH,P-521,521bits        4134      0.8819   1.4059
Prefer DH,1024bits        97828     20.8685  39.8969
Prefer DH,2048bits        2713      0.5787   1.1064
Prefer DH,2236bits        2         0.0004   0.0008
Prefer DH,4096bits        92        0.0196   0.0375
Prefer DH,512bits         5         0.0011   0.002
Prefer DH,768bits         425       0.0907   0.1733
Prefer ECDH,B-163,163bits 7         0.0015   0.0024
Prefer ECDH,B-571,570bits 472       0.1007   0.1605
Prefer ECDH,P-224,224bits 18        0.0038   0.0061
Prefer ECDH,P-256,256bits 236264    50.3995  80.3493
Prefer ECDH,P-384,384bits 1629      0.3475   0.554
Prefer ECDH,P-521,521bits 3807      0.8121   1.2947
Prefer PFS                343262    73.2242  0
Support PFS               395794    84.4303  0

Supported ECC curves      Count     Percent 
-------------------------+---------+--------
brainpoolP256r1           26        0.0055   
brainpoolP384r1           26        0.0055   
brainpoolP512r1           26        0.0055   
prime192v1                651       0.1389   
prime256v1                293388    62.5852  
prime256v1 Only           255238    54.4471  
secp160k1                 620       0.1323   
secp160r1                 620       0.1323   
secp160r2                 620       0.1323   
secp192k1                 643       0.1372   
secp224k1                 674       0.1438   
secp224r1                 1052      0.2244   
secp224r1 Only            1         0.0002   
secp256k1                 688       0.1468   
secp384r1                 38294     8.1688   
secp384r1 Only            149       0.0318   
secp521r1                 9560      2.0393   
secp521r1 Only            78        0.0166   
sect163k1                 619       0.132    
sect163k1 Only            2         0.0004   
sect163r1                 617       0.1316   
sect163r2                 624       0.1331   
sect163r2 Only            7         0.0015   
sect193r1                 617       0.1316   
sect193r2                 617       0.1316   
sect233k1                 663       0.1414   
sect233r1                 663       0.1414   
sect239k1                 663       0.1414   
sect283k1                 663       0.1414   
sect283r1                 663       0.1414   
sect409k1                 663       0.1414   
sect409r1                 663       0.1414   
sect571k1                 678       0.1446   
sect571r1                 678       0.1446   

Unsupported curve fallback     Count     Percent 
------------------------------+---------+--------
False                          74840     15.9648  
True                           178977    38.1792  
order-specific                 4         0.0009   
unknown                        214961    45.8552  

ECC curve ordering        Count     Percent 
-------------------------+---------+--------
client                    1535      0.3274   
inconclusive-noecc        10        0.0021   
server                    292089    62.3081  
unknown                   175148    37.3624  

TLSv1.2 PFS supported sigalgs  Count     Percent 
------------------------------+---------+--------
ECDSA-SHA1                     27584     5.8842   
ECDSA-SHA224                   27586     5.8846   
ECDSA-SHA256                   27589     5.8853   
ECDSA-SHA384                   27589     5.8853   
ECDSA-SHA512                   27592     5.8859   
ECDSA-SHA512 Only              3         0.0006   
RSA-MD5                        129219    27.5648  
RSA-MD5 Only                   1         0.0002   
RSA-SHA1                       264047    56.3262  
RSA-SHA1 Only                  39893     8.5099   
RSA-SHA224                     218373    46.5831  
RSA-SHA256                     226747    48.3694  
RSA-SHA256 Only                2201      0.4695   
RSA-SHA384                     218786    46.6712  
RSA-SHA512                     218825    46.6795  
RSA-SHA512 Only                35        0.0075   

TLSv1.2 PFS ordering           Count     Percent 
------------------------------+---------+--------
client                         200794    42.8331  
indeterminate                  7         0.0015   
intolerant                     1232      0.2628   
order-fallback                 4         0.0009   
server                         92359     19.7019  
unsupported                    38359     8.1827   

TLSv1.2 PFS sigalg fallback    Count     Percent 
------------------------------+---------+--------
ECDSA SHA1                     27581     5.8835   
ECDSA intolerant               18        0.0038   
ECDSA pfs-rsa-SHA512           1         0.0002   
RSA False                      127614    27.2225  
RSA SHA1                       118594    25.2983  
RSA intolerant                 19071     4.0682   
RSA pfs-ecdsa-SHA512           2         0.0004   
RSA soft-nopfs                 1735      0.3701   

Renegotiation             Count     Percent 
-------------------------+---------+--------
False                     10263     2.1893   
insecure                  26115     5.5708   
secure                    432404    92.2399  

Compression               Count     Percent 
-------------------------+---------+--------
1 (zlib compression)      17088     3.6452   
False                     10263     2.1893   
NONE                      441431    94.1655  

TLS session ticket hint   Count     Percent 
-------------------------+---------+--------
1                         2         0.0004   
1 only                    2         0.0004   
2                         2         0.0004   
2 only                    2         0.0004   
5                         1         0.0002   
5 only                    1         0.0002   
10                        7         0.0015   
10 only                   7         0.0015   
15                        6         0.0013   
15 only                   6         0.0013   
30                        8         0.0017   
30 only                   7         0.0015   
60                        59        0.0126   
60 only                   54        0.0115   
65                        1         0.0002   
65 only                   1         0.0002   
70                        3         0.0006   
100                       14        0.003    
100 only                  14        0.003    
120                       20        0.0043   
120 only                  20        0.0043   
128                       3         0.0006   
128 only                  3         0.0006   
180                       37        0.0079   
180 only                  36        0.0077   
240                       3         0.0006   
240 only                  3         0.0006   
256                       1         0.0002   
256 only                  1         0.0002   
300                       197397    42.1085  
300 only                  187977    40.099   
360                       1         0.0002   
360 only                  1         0.0002   
400                       2         0.0004   
400 only                  2         0.0004   
420                       34        0.0073   
420 only                  28        0.006    
480                       11        0.0023   
480 only                  11        0.0023   
600                       14041     2.9952   
600 only                  13846     2.9536   
720                       1         0.0002   
720 only                  1         0.0002   
900                       517       0.1103   
900 only                  503       0.1073   
960                       2         0.0004   
960 only                  2         0.0004   
1000                      1         0.0002   
1000 only                 1         0.0002   
1200                      259       0.0552   
1200 only                 255       0.0544   
1500                      11        0.0023   
1500 only                 10        0.0021   
1800                      271       0.0578   
1800 only                 262       0.0559   
2100                      1         0.0002   
2100 only                 1         0.0002   
2400                      2         0.0004   
2400 only                 2         0.0004   
2520                      1         0.0002   
2520 only                 1         0.0002   
2700                      6         0.0013   
2700 only                 6         0.0013   
3000                      9         0.0019   
3000 only                 9         0.0019   
3600                      317       0.0676   
3600 only                 297       0.0634   
5400                      3         0.0006   
6000                      4         0.0009   
6000 only                 4         0.0009   
7200                      12206     2.6038   
7200 only                 9111      1.9435   
10800                     15        0.0032   
10800 only                9         0.0019   
14400                     1229      0.2622   
14400 only                1229      0.2622   
18000                     3         0.0006   
18000 only                3         0.0006   
21600                     3169      0.676    
21600 only                3169      0.676    
28800                     10        0.0021   
28800 only                9         0.0019   
36000                     938       0.2001   
36000 only                932       0.1988   
43200                     2190      0.4672   
43200 only                2190      0.4672   
60000                     1         0.0002   
60000 only                1         0.0002   
64800                     44686     9.5324   
64800 only                44673     9.5296   
72000                     7         0.0015   
72000 only                7         0.0015   
84600                     1         0.0002   
84600 only                1         0.0002   
86000                     34        0.0073   
86000 only                34        0.0073   
86400                     206       0.0439   
86400 only                204       0.0435   
93600                     1         0.0002   
93600 only                1         0.0002   
100800                    14125     3.0131   
100800 only               14122     3.0125   
129600                    11        0.0023   
129600 only               11        0.0023   
172800                    1         0.0002   
172800 only               1         0.0002   
600000                    1         0.0002   
600000 only               1         0.0002   
604800                    1         0.0002   
604800 only               1         0.0002   
864000                    6         0.0013   
864000 only               6         0.0013   
None                      189285    40.378   
None only                 177289    37.8191  

Certificate sig alg       Count     Percent 
-------------------------+---------+--------
None                      15085     3.2179   
ecdsa-with-SHA256         27569     5.881    
sha1WithRSAEncryption     260100    55.4842  
sha256WithRSAEncryption   181166    38.6461  
sha512WithRSAEncryption   8         0.0017   

Certificate key size      Count     Percent 
-------------------------+---------+--------
ECDSA 256                 27597     5.887    
ECDSA 384                 3         0.0006   
RSA 1024                  1100      0.2347   
RSA 10240                 4         0.0009   
RSA 2028                  1         0.0002   
RSA 2047                  1         0.0002   
RSA 2048                  424764    90.6101  
RSA 2049                  3         0.0006   
RSA 2056                  5         0.0011   
RSA 2058                  2         0.0004   
RSA 2064                  1         0.0002   
RSA 2080                  2         0.0004   
RSA 2084                  11        0.0023   
RSA 2096                  1         0.0002   
RSA 2345                  1         0.0002   
RSA 2408                  2         0.0004   
RSA 2432                  5         0.0011   
RSA 2612                  1         0.0002   
RSA 3071                  1         0.0002   
RSA 3072                  72        0.0154   
RSA 3102                  1         0.0002   
RSA 3248                  3         0.0006   
RSA 3600                  1         0.0002   
RSA 4042                  1         0.0002   
RSA 4048                  2         0.0004   
RSA 4056                  35        0.0075   
RSA 4086                  2         0.0004   
RSA 4092                  3         0.0006   
RSA 4096                  15196     3.2416   
RSA 4098                  2         0.0004   
RSA 8192                  4         0.0009   
RSA/ECDSA Dual Stack      35        0.0075

OCSP stapling             Count     Percent 
-------------------------+---------+--------
Supported                 79939     17.0525  
Unsupported               388843    82.9475  

Supported Protocols       Count     Percent
-------------------------+---------+-------
SSL2                      33923     7.2364
SSL2 Only                 81        0.0173
SSL3                      165570    35.3192
SSL3 Only                 1467      0.3129
SSL3 or TLS1 Only         100568    21.453
SSL3 or lower Only        1518      0.3238
TLS1                      466356    99.4825
TLS1 Only                 52609     11.2225
TLS1 or lower Only        131814    28.1184
TLS1.1                    322576    68.8115
TLS1.1 Only               7         0.0015
TLS1.1 or up Only         613       0.1308
TLS1.2                    332743    70.9803
TLS1.2 Only               464       0.099
TLS1.2, 1.0 but not 1.1   12283     2.6202



Statistics from 494138 chains provided by 657485 hosts

Server provided chains    Count     Percent
-------------------------+---------+-------
complete                  439749    66.8835
incomplete                25522     3.8818
untrusted                 192214    29.2347

Trusted chain statistics
========================

Chain length              Count     Percent
-------------------------+---------+-------
2                         1550      0.3137
3                         459587    93.0078
4                         32976     6.6734
5                         25        0.0051

CA key size in chains     Count
-------------------------+---------
ECDSA 256                 27473     
ECDSA 384                 27471     
RSA 1024                  26220     
RSA 2045                  1         
RSA 2048                  866093    
RSA 4096                  72494     

Chains with CA key        Count     Percent
-------------------------+---------+-------
ECDSA 256                 27473     5.5598
ECDSA 384                 27471     5.5594
RSA 1024                  26219     5.306
RSA 2045                  1         0.0002
RSA 2048                  465353    94.1747
RSA 4096                  72026     14.5761

Signature algorithm (ex. root) Count
------------------------------+---------
ecdsa-with-SHA384              27473     
sha1WithRSAEncryption          318089    
sha256WithRSAEncryption        119575    
sha384WithRSAEncryption        60453     
sha512WithRSAEncryption        24        

Eff. host cert chain LoS  Count     Percent
-------------------------+---------+-------
80                        294492    59.5971
112                       172174    34.8433
128                       27472     5.5596

Scan performed between 17th and 30th of January 2015.