AnsweredAssumed Answered

Support RC4 fallback in Firefox at the browser test

Question asked by eitanc on May 15, 2015
Latest reply on May 27, 2015 by Adm Selec



At the browser test, Qualys SSL Labs - Projects / SSL Client Test, you do not test Firefox RC4 fallback.


In version 38 (I think...) FF added an option of “security.tls.unrestricted_rc4_fallback” (a "True/False" option, I don't recall what is the default value).

This means that if you connect to a site with a RC4 cipher as its top cipher - you can decide if FF will fallback to RC4 ciphers and use them or not, when "not" means you will be blocked with a FF error.


I noticed that you browser check does not check this issue and so the user get a report that one's browser is not supporting RC4, while on the field it is eventually do - so users think they are safe by supporting only non-RC4 ciphers while at the wild they will not know their browser is transparently "falling" to RC4.


If you will sniff/wireshark a matching session you will see that the first "server hello" is failing the first "client hello" (sent with a list of ciphers that do not contain RC4 ciphers) and then you will see a new, second, "client hello", this time the cipher list will contain the same list as before plus 4 more ciphers, all supporting RC4 and all the about:config settings of these 4 ciphers is enabled by default at FF. This second attempt successfully establishes an RC4 based connection.


I believe SSL Labs should update its browser test to also examine this scenario so users will know their the real-life cipher support of their browser.


You can test this on the following sites, that support only two ciphers, both are only RC4 (and their matching SSL Labs server report):

SSL Server Test: (Powered by Qualys SSL Labs)

SSL Server Test: (Powered by Qualys SSL Labs)


You may have some issues with this FF setting, so please also see the following bug report I submitted to FF Bugzilla:

1165421 – Three RC4 issues