Certificate Overview
Valid Host Names | Matched | www.facebook.com facebook.com | |
---|---|---|---|
Expires | in 3 months | Valid after Nov 17, 2011 | |
Trust | Trusted | The certificate was issued by VeriSign, Inc.,VeriSign International Server CA - Class 3,www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign |
Security
Encryption Ciphers | OK | ||
---|---|---|---|
Public Key Size | 1024 bits | Key sizes 1024 bits or larger are considered secure. Be aware that unnecessarily large key sizes will slow down the connection establishment. | |
Secure Renegotiation | No | This server is vulnerable to man-in-the-middle attacks by allowing insecure renegotiation. | |
Protocols | OK | SSLv3, TLSv1 |
Performance
HTTP Keepalive | No | Enabling HTTP Keep-Alive will allow subsequent requests to be served faster, without the need to establish a new SSL/TLS connection. | |
---|---|---|---|
SSL Session Cache | Yes | ||
TLS Stateless Resume | No | TLS stateless resume allows for faster re-connections to TLS enabled servers, without needing session state to be stored on the server. | |
SSL Handshake Size | 2420 bytes | A smaller SSL handshake means a faster connection. Reducing the number & size of certificates in your chain, and reducing the size of the public key will reduce this. |
Encryption Ciphers (TLS/SSLv3)
Cipher | Strength | Algo | Key | KeyEx | Handshake | ||
---|---|---|---|---|---|---|---|
DHE-RSA-AES256-SHA | High | AES | 256-bit | DH | 191ms | 2670 bytes | |
AES256-SHA | High | AES | 256-bit | RSA | 184ms | 2300 bytes | |
EDH-RSA-DES-CBC3-SHA | High | 3DES | 168-bit | DH | 195ms | 2654 bytes | |
DES-CBC3-SHA | High | 3DES | 168-bit | RSA | 168ms | 2284 bytes | |
DHE-RSA-AES128-SHA | High | AES | 128-bit | DH | 193ms | 2670 bytes | |
AES128-SHA | High | AES | 128-bit | RSA | 171ms | 2300 bytes | |
RC4-SHA | Medium | RC4 | 128-bit | RSA | 169ms | 2276 bytes | |
RC4-MD5 | Medium | RC4 | 128-bit | RSA | 170ms | 2268 bytes |