How is Your Browser Performing?

Bruce Morton

We always discuss SSL deployment best practices. These are the actions the Web server administrator takes. These are important to discuss, because the actions on the few million Web servers will increase the functionality and security of the billions of browser users.

However, there are two ends to the SSL connection and there is little talk about the deployment or quality of the browser. If you keep up with the browser updates, you are probably quite safe. Nevertheless, you may need to make some browser configuration changes — or even change your browser — to maximize your online trustworthiness.

So, how is your browser performing? To find out, try the SSL Client Test, which is an experimental service provided by Qualys SSL Labs. The test advises on the SSL/TLS protocols supported, some protocol configuration details and the cipher suites supported. It also advises whether or not the browser has cipher suites that support forward secrecy.

I did the test and found out my Internet Explorer browser was not supporting TLS 1.1 and 1.2. An easy configuration change to fix. If you find the same thing, select Internet Options, select the Advanced tab, then scroll down and choose “Use TLS 1.1” and “Use TLS 1.2” under Security. To see if it worked, try the test again.

Bruce Morton
Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.

0 Comments

Add to the Conversation