Search Support

Beware of phishing attacks: Mozilla will never ask you to call a number or visit a non-Mozilla website. Please ignore such requests.

Learn More

When will Firefox support CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384?

  • 3 replies
  • 9 have this problem
  • 85 views
  • Last reply by guigs

more options

When will Firefox support CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384?

The only browser I found that works is Internet Explorer Windows 8. I also only tested this cipher suite on IIS on a Windows 2012 server. I need to have this work in both android mobile and windows desktop browsers.

All Replies (3)

more options

I did some research and it looks like the logic a while back happened here: https://wiki.mozilla.org/Talk:Securit.../Server_Side_TLS however this is slightly outdated. But it looks like it was implemented: https://bugzilla.mozilla.org/show_bug.cgi?id=880543

This is the more updated reference as I do not see that configuration in the security entries of about:config: https://wiki.mozilla.org/Security/Server_Side_TLS

More research I found that for RFC5288 only these were supported: https://developer.mozilla.org/en-US/d.../NSS_3.15.2_release_notes

GCM patch seems to be submitted but not sure whats next https://bugzilla.mozilla.org/show_bug.cgi?id=880543#c21

I do not have an estimated date for you however the security mailing list may also be a good place to ask: https://lists.mozilla.org/listinfo/dev-security-policy

more options

Thanks guigs2,

I copied the wrong Ciphersuite. The one we are using is:

CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

I guess we have to wait for NSS to support these higher cipher suites. Also I will need this to work on the Android Firefox client in the future.

Modified by mjbusch

more options

HI mjbusch, I pinged the bug, I would recommend filing a security bug in reference to this, but afaik they use the same NSS version on mobile.