On Feb 13, 2013, at 3:22 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
Bodo Moeller <bmoeller@acm.org> writes:
On Wed, Feb 13, 2013 at 12:52 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz>wrote:
active use of ECC suites on the public Internet is practically nonexistent
That's not entirely accurate; try www.google.com.
It was based on the last (SSL Observatory?) scans at the time which found about five or six servers worldwide, presumably the test servers being run by Certicom, Red Hat, Microsoft, etc. If Google supports ECC now that'd be good, one more site to test against.
We see quite a bit of ECDHE traffic at the sites that feed our notary. At the moment, the top-3 cipher suites we see (by connection count) are TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA and TLS_ECDHE_RSA_WITH_RC4_128_SHA. We also see TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (7th most popular). If http://www.imperialviolet.org/2012/03/02/ieecdhe.html is still correct, RC4+ECDHE is chosen by Chrome and Firefox. AES+ECDHE is Safari and Internet Explorer. The first non-AES/RC4 cipher suite is TLS_RSA_WITH_3DES_EDE_CBC_SHA (9th most popular) followed by TLS_RSA_WITH_CAMELLIA_256_CBC_SHA. Bernhard _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE