Banner image of TLS usage of InfoSec Handbook readers

TLS usage of InfoSec Handbook readers

We logged the TLS versions and cipher suites of recent client requests to see the share of different versions and cipher suites.

# of requestsTLS versionTLS cipher suite
129,258TLS 1.3TLS_AES_256_GCM_SHA384
74,328TLS 1.3TLS_AES_128_GCM_SHA256
43,814TLS 1.2ECDHE-ECDSA-AES256-GCM-SHA384
17,166TLS 1.2ECDHE-ECDSA-AES128-GCM-SHA256
4,870TLS 1.3TLS_CHACHA20_POLY1305_SHA256
1,816TLS 1.2ECDHE-ECDSA-CHACHA20-POLY1305

Some interesting numbers:

  • Already 77% of all client requests used TLS 1.3.
  • 98% of the client requests used AES instead of ChaCha20.
  • 64% of the client requests used AES-256-GCM.

Our web server doesn’t enforce server-side cipher preference since we only allow a small set of strong TLS cipher suites that are considered secure. Client-side cipher preference is also recommended by Mozilla for modern TLS configuration: Mozilla Security/Server Side TLS: Modern compatibilityexternal link

An image showing a pie chart that shows the TLS usage of our readers.
TLS usage of our readers (🔍 Zoom in)

Tip: If you log cipher suites and get one request per line, you can sort the output with sort [tls-logfile] | uniq -c | sort -bgr.

Read also