http://bugzilla.opensuse.org/show_bug.cgi?id=902781 --- Comment #5 from Sebastian K <admin@ifyouwantblood.de> --- big big thx for implementing support for PFS Matthew! :-) still, the default encryption method selected by the servers is RC4-SHA if supported. this is also checked by ssllabs.com under Handshake Simulation with different browsers (see screenshot http://prohtmeyhet.de/uploads/opensuse-ssl.png). for example you can see that with Firefox 32 RC4 is selected (if that firefox supports/enables RC4): Firefox 32 / OS X R TLS 1.0 TLS_RSA_WITH_RC4_128_SHA (0x5) you can test this yourself (also on your test servers) with sslscan from https://github.com/rbsec/sslscan (see Preferred Server Cipher(s)): -------------------------------------------- ./sslscan www.suse.com Version: 1.9.7-rbsec-10-gb730ff2 OpenSSL 1.0.1i-fips 6 Aug 2014 OpenSSL version does not support SSLv2 SSLv2 ciphers will not be detected Testing SSL server www.suse.com on port 443 TLS renegotiation: Secure session renegotiation supported TLS Compression: Compression disabled Heartbleed: TLS 1.0 not vulnerable to heartbleed TLS 1.1 not vulnerable to heartbleed TLS 1.2 not vulnerable to heartbleed Supported Server Cipher(s): Accepted SSLv3 256 bits DHE-RSA-AES256-SHA Accepted SSLv3 256 bits AES256-SHA Accepted SSLv3 128 bits DHE-RSA-AES128-SHA Accepted SSLv3 128 bits AES128-SHA Accepted SSLv3 128 bits RC4-SHA Accepted SSLv3 128 bits RC4-MD5 Accepted SSLv3 112 bits EDH-RSA-DES-CBC3-SHA Accepted SSLv3 112 bits DES-CBC3-SHA Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA Accepted TLSv1.0 256 bits AES256-SHA Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA Accepted TLSv1.0 128 bits AES128-SHA Accepted TLSv1.0 128 bits RC4-SHA Accepted TLSv1.0 128 bits RC4-MD5 Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA Accepted TLSv1.0 112 bits DES-CBC3-SHA Preferred Server Cipher(s): SSLv3 128 bits RC4-SHA TLSv1.0 128 bits RC4-SHA SSL Certificate: Signature Algorithm: sha256WithRSAEncryption RSA Key Strength: 2048 -- You are receiving this mail because: You are on the CC list for the bug.