본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

What is the actual exact order of the cipher suites offered by firefox client when making ssl/tls handshake?

  • 2 답장
  • 1 이 문제를 만남
  • 10 보기
  • 최종 답변자: emmy786

more options

When I click about:config and type 'security.ssl3.' in the search box, I got the list of cipher suites that firefox supports ordered alphabetically. In SSL protocol, the client send the supported cipher suites to the server. In some cases, the order of these ciphers in the client make difference on the choice of the server. I need to know what is the exact actual order that firefox client presents to SSL server? Tanks.

When I click about:config and type 'security.ssl3.' in the search box, I got the list of cipher suites that firefox supports ordered alphabetically. In SSL protocol, the client send the supported cipher suites to the server. In some cases, the order of these ciphers in the client make difference on the choice of the server. I need to know what is the exact actual order that firefox client presents to SSL server? Tanks.

모든 댓글 (2)

more options
more options

Thanks. I viewed the code. I am trying to understand. I found a list of ciphersuites starting from line 84. Here is what is says: /* Deprecated SSL 3.0 & libssl names replaced by IANA-registered TLS names. */ 85 #ifndef SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES 86 #define SSL_NULL_WITH_NULL_NULL TLS_NULL_WITH_NULL_NULL . .

Ok, what I understand is that firefox offers no authentication no encryption (no security) as first option, if the server accept this, it will choose it? Because the first NULL means no authentication, the second NULL means no encryption, and the third means no Hash function.

am I right in my interpretation?

If you have a definite answer of what order does firefox client offers to ssl/tls server, please, provide me with accurate answer. I am not sure of my own interpretation for the code.