AnsweredAssumed Answered

SSL Labs Handshake Simulation more information

Question asked by Eli Spaans on Jul 26, 2016

Looking through an SSL scan, specifically the Handshake Simulation I thought of some things that might need to go into a document or on the site for further clarification:


Simulation is done for i.e. IE 7 / Vista which for the supplier is now an outdated / not supported configuration (Microsoft is currently only supporting IE9 for Vista), but same things are visible as well for IE 8 - 10 for Windows 7 which are outdated as well. Looking further there are other setups to find as well that are actually outdated or not supported anymore.

Shouldn't therefore be all the outdated configuration under a header of their own stating that these types of configuration are outdated but only stated for reference purposes?


Also to ease up on the number of entries in the handshake simulation list should you not only enter i.e. Chrome 51 without any operating system (or just state any OS) as the browser has it's own SSL stack, meaning it should function exactly the same atop of any OS?

You could even say that same brand browser that have throughout a series of version the same ciphers supported they could be combined together in one entry (i.e. Chrome 49 - 51).


Other thing to consider is that you sometimes need specific updates installed on a system, besides the latest browser version to enable all functionalities. You might want to include these requirements in a document or add it to "SSL/TLS Deployment Best Practices".

Lastly since Vista is still supported by Microsoft, but not by Google anymore (version 49 is the latest version available) it might be worthwhile to note something about that as well.