This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

What is the actual exact order of the cipher suites offered by firefox client when making ssl/tls handshake?

  • 2 svar
  • 1 har dette problemet
  • 10 views
  • Siste svar av emmy786

more options

When I click about:config and type 'security.ssl3.' in the search box, I got the list of cipher suites that firefox supports ordered alphabetically. In SSL protocol, the client send the supported cipher suites to the server. In some cases, the order of these ciphers in the client make difference on the choice of the server. I need to know what is the exact actual order that firefox client presents to SSL server? Tanks.

When I click about:config and type 'security.ssl3.' in the search box, I got the list of cipher suites that firefox supports ordered alphabetically. In SSL protocol, the client send the supported cipher suites to the server. In some cases, the order of these ciphers in the client make difference on the choice of the server. I need to know what is the exact actual order that firefox client presents to SSL server? Tanks.

All Replies (2)

more options
more options

Thanks. I viewed the code. I am trying to understand. I found a list of ciphersuites starting from line 84. Here is what is says: /* Deprecated SSL 3.0 & libssl names replaced by IANA-registered TLS names. */ 85 #ifndef SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES 86 #define SSL_NULL_WITH_NULL_NULL TLS_NULL_WITH_NULL_NULL . .

Ok, what I understand is that firefox offers no authentication no encryption (no security) as first option, if the server accept this, it will choose it? Because the first NULL means no authentication, the second NULL means no encryption, and the third means no Hash function.

am I right in my interpretation?

If you have a definite answer of what order does firefox client offers to ssl/tls server, please, provide me with accurate answer. I am not sure of my own interpretation for the code.