User Agent Capabilities: IE 11 / Win Phone 8.1 Update


Protocol Features
Protocols
TLS 1.3 No
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3   INSECURE Yes
SSL 2 No


Cipher Suites (in order of preference)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)  WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)  WEAK 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)  WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)  WEAK 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   Forward Secrecy 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   Forward Secrecy 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)  WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)  WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)  WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)  WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)  WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)  WEAK 128
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)   Forward Secrecy 256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)   Forward Secrecy 128
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)  WEAK 256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)  WEAK 128
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)  WEAK 256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)  WEAK 128
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x6a)  WEAK 256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x40)  WEAK 128
TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x38)  WEAK 256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32)  WEAK 128
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)  WEAK 112
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x13)  WEAK 112
(1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh.


Protocol Details
Server Name Indication (SNI) Yes
Secure Renegotiation Yes
TLS compression No
Session tickets Yes
OCSP stapling Yes
Signature algorithms SHA256/RSA, SHA384/RSA, SHA1/RSA, SHA256/ECDSA, SHA384/ECDSA, SHA1/ECDSA, SHA1/DSA
Named Groups secp256r1, secp384r1
Next Protocol Negotiation Yes
Application Layer Protocol Negotiation Yes   spdy/3 http/1.1
SSL 2 handshake compatibility No

(**) Tested with default settings. Some platforms can be manually configured to enable more features and better security.