bug#31946: 27.0.50; The NSM should warn about more TLS problems

[Jimmy Yuen Ho Wong]

The Telemetry data[1] from Mozilla in bug report 1227519[2] suggests
DHE usage is very low for HTTP. No data for any other protocol.

I just used Wireshark on Chrome and Firefox on macOS, they all seem to
advertise DH and DHE cipher suites in Client Hello for TLS 1.2, they
even advertise CBC mode ciphers too. While I'm not sure about Firefox,
surely Chrome has removed DHE_SHA KX and CBC modes according to
ChromeStatus[3]?


[1]: https://tlscanary.mozilla.org/runs/2018-01-25-01-21-44/
[2]: https://bugzilla.mozilla.org/show_bug.cgi?id=1227519
[3]: https://www.chromestatus.com/features#tls

On Thu, Jun 28, 2018 at 6:01 PM, Lars Ingebrigtsen <larsi@gnus.org> wrote:
> Jimmy Yuen Ho Wong <wyuenho@gmail.com> writes:
>
>>> I can't see that that web page mentions Diffie-Hellman at all?
>>>
>>
>> Click on the individual browsers.
>
> I see.
>
>> SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
>> DHE_RSA in the UA capabilities page[1], but client test[2] still shows
>> it is supported, so does Chrome and Safari. I don't understand what's
>> going on there. Could that list in in client test be static? Or that
>> browsers still advertise their support for DHE_RSA when in fact they
>> don't? Might have to get on a server and log out the TLS handshake to
>> see what's actually going on...
>>
>> [1]: https://www.ssllabs.com/ssltest/clients.html
>> [2]: https://www.ssllabs.com/ssltest/viewMyClient.html
>
> My
>
> Chromium        66.0.3359.117 (Developer Build) built on Debian 9.4,
> running on Debian 9.4 (64-bit)
>
> on the viewMyClient reports not supporting DHE-RSA.
>
> Confusing.  :-)
>
> I tried finding a web site that says how many sites do not support ECDHE
> as key exchange, and only found something from 2014 that says that was
> 60%...
>
> --
> (domestic pets only, the antidote for overdose, milk.)
>    bloggy blog: http://lars.ingebrigtsen.no