content:en_us:kb_3rdparty_security_metrics_ssl_perfect_forward_secrecy_cipher_suites_supported

SSL Perfect Forward Secrecy Cipher Suites Supported

This entry from Security Metrics indicates that they are able to see which SSL Perfect Forward Secrecy Ciphers are supported.

ClearCenter response

Short response

SSL protocol negotiation is part of the protocol. The ability to negotiate this does not indicate a specific vulnerability.

Long response

Part of the protocol for SSL requires negotiation of the SSL encryption to be used between the hosts. While this displays what is possible, it does not give an attacker any particular advantage.

Resolution

No action required.

content/en_us/kb_3rdparty_security_metrics_ssl_perfect_forward_secrecy_cipher_suites_supported.txt · Last modified: 2015/01/29 16:49 (external edit)