MozillaWiki

Security/Server Side TLS: Difference between revisions

Page Discussion

Security/Server Side TLS (view source)

Revision as of 15:33, 11 February 2016

27,271 bytes removed ,  11 February 2016
V4: https://github.com/mozilla/server-side-tls/pull/97
(sync with github)
(V4: https://github.com/mozilla/server-side-tls/pull/97)
Line 17: Line 17:


= Recommended configurations =
= Recommended configurations =
Three configurations are recommended. Pick the right configuration depending on your audience. If you do not need backward compatibility, and are building a service for modern clients only (post FF27), then use the Modern configuration. Otherwise, prefer the Intermediate configuration. Use the Old backward compatible configuration only if your service will be accessed by very old clients, such as Windows XP IE6, or ancient libraries & bots.
Three configurations are recommended. Pick the right configuration depending on your audience. If you do not need backward compatibility, and are building a service for modern clients only (post Firefox 27/Chrome 22), then use the Modern configuration. Otherwise, prefer the Intermediate configuration. Use the Old backward compatible configuration only if your service will be accessed by very old clients, such as Windows XP IE6, or ancient libraries & bots.


{| class="wikitable"
{| class="wikitable"
|-
|-
! Configuration !! Oldest compatible client
! Configuration !! Oldest compatible client
|-  
|-
|  <span style="color:green;">'''Modern'''</span> || Firefox 27, Chrome 22, IE 11, Opera 14, Safari 7, Android 4.4, Java 8
|  <span style="color:green;">'''Modern'''</span> || Firefox 27, Chrome 22, IE 11, Opera 14, Safari 7, Android 4.4, Java 8
|-  
|-
|  <span style="color:orange;">'''Intermediate'''</span> || Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7
|  <span style="color:orange;">'''Intermediate'''</span> || Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7
|-  
|-
|  <span style="color:gray;">'''Old'''</span> || Windows XP IE6, Java 6
|  <span style="color:gray;">'''Old'''</span> || Windows XP IE6, Java 6
|}
|}
Older versions of OpenSSL may not return the full list of algorithms. AES-GCM and some ECDHE are fairly recent, and not present on most versions of OpenSSL shipped with Ubuntu or RHEL. This listing below was obtained from a freshly built OpenSSL. If your version of OpenSSL is old, unavailable ciphers will be discarded automatically. Always use the full ciphersuite and let OpenSSL pick the ones it supports.
The ordering of a ciphersuite is very important because it decides which algorithms are going to be selected in priority. Each level shows the list of algorithms returned by its ciphersuite. If you have to pick ciphers manually for your application, make sure you keep the ordering.


== <span style="color:green;">'''Modern'''</span> compatibility ==
== <span style="color:green;">'''Modern'''</span> compatibility ==
For services that don't need backward compatibility, the parameters below provide a higher level of security. This configuration is compatible with Firefox 27, Chrome 22, IE 11, Opera 14 and Safari 7.
For services that don't need backward compatibility, the parameters below provide a higher level of security. This configuration is compatible with Firefox 27, Chrome 22, IE 11, Opera 14, Safari 7 and Windows Vista.


* Ciphersuite: '''ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'''
* Ciphersuites: '''ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'''
* Versions: '''TLSv1.1, TLSv1.2'''
* Versions: '''TLSv1.2'''
* RSA key size: '''2048'''
* TLS curves: '''prime256v1, secp384r1, secp521r1'''
* DH Parameter size: '''2048'''
* Certificate type: '''ECDSA'''
* Elliptic curves: '''secp256r1, secp384r1, secp521r1''' (at a minimum)
* Certificate curve: '''prime256v1, secp384r1, secp521r1'''
* Certificate signature: '''SHA-256'''
* Certificate signature: '''sha256WithRSAEncryption, ecdsa-with-SHA256, ecdsa-with-SHA384, ecdsa-with-SHA512'''
* RSA key size: '''2048''' (if not ecdsa)
* DH Parameter size: '''None''' (disabled entirely)
* ECDH Parameter size: '''256'''
* HSTS: '''max-age=15768000'''
* HSTS: '''max-age=15768000'''
* Certificate switching: '''None'''
<source>
0xC0,0x2C  -  ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AESGCM(256)    Mac=AEAD
0xC0,0x30  -  ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(256)    Mac=AEAD
0xCC,0x14  -  ECDHE-ECDSA-CHACHA20-POLY1305  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=ChaCha20(256)  Mac=AEAD
0xCC,0x13  -  ECDHE-RSA-CHACHA20-POLY1305    TLSv1.2  Kx=ECDH  Au=RSA    Enc=ChaCha20(256)  Mac=AEAD
0xC0,0x2B  -  ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AESGCM(128)    Mac=AEAD
0xC0,0x2F  -  ECDHE-RSA-AES128-GCM-SHA256    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(128)    Mac=AEAD
0xC0,0x24  -  ECDHE-ECDSA-AES256-SHA384      TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AES(256)      Mac=SHA384
0xC0,0x28  -  ECDHE-RSA-AES256-SHA384        TLSv1.2  Kx=ECDH  Au=RSA    Enc=AES(256)      Mac=SHA384
0xC0,0x23  -  ECDHE-ECDSA-AES128-SHA256      TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AES(128)      Mac=SHA256
0xC0,0x27  -  ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH  Au=RSA    Enc=AES(128)      Mac=SHA256
</source>
Rationale:
* AES256-GCM is prioritized above its 128 bits variant, and ChaCha20 because we assume that most modern devices support AESNI instructions and thus benefit from fast and constant time AES.
* We recommend ECDSA certificates with P256 as other curves may not be supported everywhere. RSA signatures on ECDSA certificates are permitted because very few CAs sign with ECDSA at the moment.
* DHE is removed entirely because it is slow in comparison with ECDHE, and all modern clients support elliptic curve key exchanges.
* SHA1 signature algorithm is removed in favor of SHA384 for AES256 and SHA256 for AES128.


== <span style="color:orange;">'''Intermediate'''</span> compatibility (default) ==
== <span style="color:orange;">'''Intermediate'''</span> compatibility (default) ==
For services that don't need compatibility with legacy clients (mostly WinXP), but still need to support a wide range of clients, this configuration is recommended. It is is compatible with Firefox 1, Chrome 1, IE 7, Opera 5 and Safari 1.
For services that don't need compatibility with legacy clients (mostly WinXP), but still need to support a wide range of clients, this configuration is recommended. It is is compatible with Firefox 1, Chrome 1, IE 7, Opera 5 and Safari 1.


* Ciphersuite: '''ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'''
* Ciphersuites: '''ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'''
* Versions: '''TLSv1, TLSv1.1, TLSv1.2'''
* Versions: '''TLSv1.2, TLSv1.1, TLSv1'''
* TLS curves: '''prime256v1, secp384r1, secp521r1'''
* Certificate type: '''RSA'''
* Certificate curve: ''''None'''
* Certificate signature: '''sha256WithRSAEncryption'''
* RSA key size: '''2048'''
* RSA key size: '''2048'''
* DH Parameter size: '''2048''' (see [[Security/Server_Side_TLS#DHE_and_Java|DHE and Java]] for details)
* DH Parameter size: '''2048'''
* Elliptic curves: '''secp256r1, secp384r1, secp521r1''' (at a minimum)
* ECDH Parameter size: '''256'''
* Certificate signature: '''SHA-256'''
* HSTS: '''max-age=15768000'''
* Certificate switching: '''None'''
 
<source>
0xCC,0x14  -  ECDHE-ECDSA-CHACHA20-POLY1305  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=ChaCha20(256)  Mac=AEAD
0xCC,0x13  -  ECDHE-RSA-CHACHA20-POLY1305    TLSv1.2  Kx=ECDH  Au=RSA    Enc=ChaCha20(256)  Mac=AEAD
0xC0,0x2B  -  ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AESGCM(128)    Mac=AEAD
0xC0,0x2F  -  ECDHE-RSA-AES128-GCM-SHA256    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(128)    Mac=AEAD
0xC0,0x2C  -  ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AESGCM(256)    Mac=AEAD
0xC0,0x30  -  ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(256)    Mac=AEAD
0x00,0x9E  -  DHE-RSA-AES128-GCM-SHA256      TLSv1.2  Kx=DH    Au=RSA    Enc=AESGCM(128)    Mac=AEAD
0x00,0x9F  -  DHE-RSA-AES256-GCM-SHA384      TLSv1.2  Kx=DH    Au=RSA    Enc=AESGCM(256)    Mac=AEAD
0xC0,0x23  -  ECDHE-ECDSA-AES128-SHA256      TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AES(128)      Mac=SHA256
0xC0,0x27  -  ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH  Au=RSA    Enc=AES(128)      Mac=SHA256
0xC0,0x09  -  ECDHE-ECDSA-AES128-SHA        SSLv3    Kx=ECDH  Au=ECDSA  Enc=AES(128)      Mac=SHA1
0xC0,0x28  -  ECDHE-RSA-AES256-SHA384        TLSv1.2  Kx=ECDH  Au=RSA    Enc=AES(256)      Mac=SHA384
0xC0,0x13  -  ECDHE-RSA-AES128-SHA          SSLv3    Kx=ECDH  Au=RSA    Enc=AES(128)      Mac=SHA1
0xC0,0x24  -  ECDHE-ECDSA-AES256-SHA384      TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AES(256)      Mac=SHA384
0xC0,0x0A  -  ECDHE-ECDSA-AES256-SHA         SSLv3    Kx=ECDH  Au=ECDSA  Enc=AES(256)      Mac=SHA1
0xC0,0x14  - ECDHE-RSA-AES256-SHA          SSLv3    Kx=ECDH  Au=RSA    Enc=AES(256)      Mac=SHA1
0x00,0x67  -  DHE-RSA-AES128-SHA256          TLSv1.2  Kx=DH    Au=RSA    Enc=AES(128)      Mac=SHA256
0x00,0x33  -  DHE-RSA-AES128-SHA            SSLv3    Kx=DH    Au=RSA    Enc=AES(128)      Mac=SHA1
0x00,0x6B  -  DHE-RSA-AES256-SHA256          TLSv1.2  Kx=DH    Au=RSA    Enc=AES(256)      Mac=SHA256
0x00,0x39  -  DHE-RSA-AES256-SHA            SSLv3    Kx=DH    Au=RSA    Enc=AES(256)      Mac=SHA1
0xC0,0x08  -  ECDHE-ECDSA-DES-CBC3-SHA      SSLv3    Kx=ECDH  Au=ECDSA  Enc=3DES(168)      Mac=SHA1
0xC0,0x12  -  ECDHE-RSA-DES-CBC3-SHA        SSLv3    Kx=ECDH  Au=RSA    Enc=3DES(168)      Mac=SHA1
0x00,0x16  -  EDH-RSA-DES-CBC3-SHA          SSLv3    Kx=DH    Au=RSA    Enc=3DES(168)      Mac=SHA1
0x00,0x9C  -  AES128-GCM-SHA256              TLSv1.2  Kx=RSA  Au=RSA    Enc=AESGCM(128)    Mac=AEAD
0x00,0x9D  -  AES256-GCM-SHA384              TLSv1.2  Kx=RSA  Au=RSA    Enc=AESGCM(256)    Mac=AEAD
0x00,0x3C  -  AES128-SHA256                  TLSv1.2  Kx=RSA  Au=RSA    Enc=AES(128)      Mac=SHA256
0x00,0x3D  -  AES256-SHA256                  TLSv1.2  Kx=RSA  Au=RSA    Enc=AES(256)      Mac=SHA256
0x00,0x2F  -  AES128-SHA                    SSLv3    Kx=RSA  Au=RSA    Enc=AES(128)      Mac=SHA1
0x00,0x35  -  AES256-SHA                    SSLv3    Kx=RSA  Au=RSA    Enc=AES(256)      Mac=SHA1
0x00,0x0A  -  DES-CBC3-SHA                  SSLv3    Kx=RSA  Au=RSA    Enc=3DES(168)      Mac=SHA1
</source>
 
Rationale:
* ChaCha20 is prefered as the fastest and safest in-software cipher, followed but AES128. Unlike the modern configuration, we do not assume clients support AESNI and thus do not prioritize AES256 above 128 and ChaCha20. There has been discussions ([http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg11247.html 1], [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12398.html 2]) on whether AES256 extra security was worth its computing cost in software (without AESNI), and the results are far from obvious. At the moment, AES128 is preferred, because it provides good security, is really fast, and seems to be more resistant to timing attacks.
* DES-CBC3-SHA and EDH-RSA-DES-CBC3-SHA are maintained for backward compatibility with clients that do not support AES.
* While the goal is to support a broad range of clients, we reasonably disable a number of ciphers that have little support (such as SEED, CAMELLIA, ...).


== <span style="color:gray;">'''Old'''</span> backward compatibility ==
== <span style="color:gray;">'''Old'''</span> backward compatibility ==
Line 55: Line 126:
This is the old ciphersuite that works with all clients back to Windows XP/IE6. It should be used as a last resort only.
This is the old ciphersuite that works with all clients back to Windows XP/IE6. It should be used as a last resort only.


* Ciphersuite: '''ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'''
* Ciphersuites: '''ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP'''
* Versions: '''SSLv3, TLSv1, TLSv1.1, TLSv1.2'''
* Versions: '''TLSv1.2, TLSv1.1, TLSv1, SSLv3'''
* TLS curves: '''prime256v1, secp384r1, secp521r1'''
* Certificate type: '''RSA'''
* Certificate curve: ''''None'''
* Certificate signature: '''sha256WithRSAEncryption'''
* RSA key size: '''2048'''
* RSA key size: '''2048'''
* DH Parameter size: '''1024''' (see [[#Pre-defined_DHE_groups|Pre-defined DHE groups]])
* DH Parameter size: '''1024'''
* Elliptic curves: '''secp256r1, secp384r1, secp521r1'''
* ECDH Parameter size: '''256'''
* Certificate signature: '''SHA-1''' (windows XP pre-sp3 is incompatible with sha-256)
* HSTS: '''max-age=15768000'''
* Certificate switching: '''sha1WithRSAEncryption'''


If your version of OpenSSL is old, unavailable ciphers will be discarded automatically. Always use the full ciphersuite above and let OpenSSL pick the ones it supports.
<source>
 
0xCC,0x14  - ECDHE-ECDSA-CHACHA20-POLY1305  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=ChaCha20(256)  Mac=AEAD
The ordering of a ciphersuite is very important because it decides which algorithms are going to be selected in priority. The recommendation above prioritizes algorithms that provide perfect forward secrecy.
0xCC,0x13  - ECDHE-RSA-CHACHA20-POLY1305    TLSv1.2  Kx=ECDH  Au=RSA    Enc=ChaCha20(256)  Mac=AEAD
 
0xC0,0x2F  - ECDHE-RSA-AES128-GCM-SHA256    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(128)    Mac=AEAD
The listing below shows the list of algorithms returned by this ciphersuite. If you have to pick them manually for your application, make sure you keep this ordering.
0xC0,0x2B  -  ECDHE-ECDSA-AES128-GCM-SHA256   TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AESGCM(128)    Mac=AEAD
 
0xC0,0x30  - ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH  Au=RSA    Enc=AESGCM(256)    Mac=AEAD
Older versions of OpenSSL may not return the full list of algorithms. AES-GCM and some ECDHE are fairly recent, and not present on most versions of OpenSSL shipped with Ubuntu or RHEL. This listing below was obtained from a freshly built OpenSSL.
0xC0,0x2C  - ECDHE-ECDSA-AES256-GCM-SHA384   TLSv1.2  Kx=ECDH  Au=ECDSA Enc=AESGCM(256)    Mac=AEAD
 
0x00,0x9E  - DHE-RSA-AES128-GCM-SHA256       TLSv1.2  Kx=DH    Au=RSA   Enc=AESGCM(128)    Mac=AEAD
<source lang="bash">
0x00,0xA2  - DHE-DSS-AES128-GCM-SHA256      TLSv1.2  Kx=DH    Au=DSS    Enc=AESGCM(128)    Mac=AEAD
$ openssl ciphers -V 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'|column -t
0x00,0xA3  -  DHE-DSS-AES256-GCM-SHA384      TLSv1.2  Kx=DH    Au=DSS    Enc=AESGCM(256)    Mac=AEAD
 
0x00,0x9F  -  DHE-RSA-AES256-GCM-SHA384       TLSv1.2  Kx=DH    Au=RSA    Enc=AESGCM(256)    Mac=AEAD
0xC0,0x2F  -  ECDHE-RSA-AES128-GCM-SHA256     TLSv1.2  Kx=ECDH   Au=RSA    Enc=AESGCM(128)   Mac=AEAD
0xC0,0x27  -  ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH  Au=RSA    Enc=AES(128)      Mac=SHA256
0xC0,0x2B -  ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2  Kx=ECDH   Au=ECDSA  Enc=AESGCM(128)   Mac=AEAD
0xC0,0x23  - ECDHE-ECDSA-AES128-SHA256       TLSv1.2  Kx=ECDH Au=ECDSA  Enc=AES(128)       Mac=SHA256
0xC0,0x30 -  ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH   Au=RSA    Enc=AESGCM(256)   Mac=AEAD
0xC0,0x13 -  ECDHE-RSA-AES128-SHA            SSLv3    Kx=ECDH Au=RSA    Enc=AES(128)       Mac=SHA1
0xC0,0x2C -  ECDHE-ECDSA-AES256-GCM-SHA384   TLSv1.2  Kx=ECDH   Au=ECDSA  Enc=AESGCM(256)   Mac=AEAD
0xC0,0x09 -  ECDHE-ECDSA-AES128-SHA          SSLv3    Kx=ECDH Au=ECDSA  Enc=AES(128)       Mac=SHA1
0x00,0x9E DHE-RSA-AES128-GCM-SHA256       TLSv1.2  Kx=DH      Au=RSA    Enc=AESGCM(128)   Mac=AEAD
0xC0,0x28 -  ECDHE-RSA-AES256-SHA384         TLSv1.2  Kx=ECDH Au=RSA    Enc=AES(256)       Mac=SHA384
0x00,0xA2 DHE-DSS-AES128-GCM-SHA256      TLSv1.2  Kx=DH      Au=DSS   Enc=AESGCM(128)   Mac=AEAD
0xC0,0x24 ECDHE-ECDSA-AES256-SHA384       TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=AES(256)       Mac=SHA384
0x00,0xA3 DHE-DSS-AES256-GCM-SHA384      TLSv1.2  Kx=DH      Au=DSS    Enc=AESGCM(256)   Mac=AEAD
0xC0,0x14 ECDHE-RSA-AES256-SHA            SSLv3    Kx=ECDH  Au=RSA   Enc=AES(256)       Mac=SHA1
0x00,0x9F -  DHE-RSA-AES256-GCM-SHA384      TLSv1.2  Kx=DH     Au=RSA    Enc=AESGCM(256)   Mac=AEAD
0xC0,0x0A ECDHE-ECDSA-AES256-SHA          SSLv3    Kx=ECDH  Au=ECDSA  Enc=AES(256)       Mac=SHA1
0xC0,0x27 ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH   Au=RSA    Enc=AES(128)      Mac=SHA256
0x00,0x67 -  DHE-RSA-AES128-SHA256          TLSv1.2  Kx=DH   Au=RSA    Enc=AES(128)       Mac=SHA256
0xC0,0x23 ECDHE-ECDSA-AES128-SHA256       TLSv1.2  Kx=ECDH   Au=ECDSA  Enc=AES(128)      Mac=SHA256
0x00,0x33 DHE-RSA-AES128-SHA              SSLv3    Kx=DH   Au=RSA    Enc=AES(128)      Mac=SHA1
0xC0,0x13 ECDHE-RSA-AES128-SHA            SSLv3    Kx=ECDH   Au=RSA    Enc=AES(128)      Mac=SHA1
0x00,0x40 DHE-DSS-AES128-SHA256           TLSv1.2  Kx=DH   Au=DSS    Enc=AES(128)      Mac=SHA256
0xC0,0x09 ECDHE-ECDSA-AES128-SHA         SSLv3    Kx=ECDH   Au=ECDSA  Enc=AES(128)      Mac=SHA1
0x00,0x6B DHE-RSA-AES256-SHA256          TLSv1.2  Kx=DH   Au=RSA    Enc=AES(256)      Mac=SHA256
0xC0,0x28 ECDHE-RSA-AES256-SHA384        TLSv1.2  Kx=ECDH   Au=RSA    Enc=AES(256)      Mac=SHA384
0x00,0x38 DHE-DSS-AES256-SHA             SSLv3    Kx=DH   Au=DSS    Enc=AES(256)      Mac=SHA1
0xC0,0x24 -  ECDHE-ECDSA-AES256-SHA384      TLSv1.2  Kx=ECDH   Au=ECDSA  Enc=AES(256)       Mac=SHA384
0x00,0x39 DHE-RSA-AES256-SHA              SSLv3    Kx=DH   Au=RSA    Enc=AES(256)      Mac=SHA1
0xC0,0x14 -  ECDHE-RSA-AES256-SHA           SSLv3    Kx=ECDH   Au=RSA    Enc=AES(256)       Mac=SHA1
0xC0,0x12 -  ECDHE-RSA-DES-CBC3-SHA          SSLv3    Kx=ECDH Au=RSA    Enc=3DES(168)     Mac=SHA1
0xC0,0x0A ECDHE-ECDSA-AES256-SHA         SSLv3    Kx=ECDH   Au=ECDSA  Enc=AES(256)       Mac=SHA1
0xC0,0x08 -  ECDHE-ECDSA-DES-CBC3-SHA       SSLv3    Kx=ECDH Au=ECDSA  Enc=3DES(168)     Mac=SHA1
0x00,0x67 DHE-RSA-AES128-SHA256           TLSv1.2  Kx=DH      Au=RSA    Enc=AES(128)       Mac=SHA256
0x00,0x16 EDH-RSA-DES-CBC3-SHA           SSLv3    Kx=DH   Au=RSA    Enc=3DES(168)     Mac=SHA1
0x00,0x33 DHE-RSA-AES128-SHA              SSLv3    Kx=DH      Au=RSA    Enc=AES(128)       Mac=SHA1
0x00,0x9C AES128-GCM-SHA256               TLSv1.2  Kx=RSA  Au=RSA    Enc=AESGCM(128)   Mac=AEAD
0x00,0x40 DHE-DSS-AES128-SHA256           TLSv1.2  Kx=DH      Au=DSS   Enc=AES(128)      Mac=SHA256
0x00,0x9D AES256-GCM-SHA384              TLSv1.2  Kx=RSA  Au=RSA    Enc=AESGCM(256)   Mac=AEAD
0x00,0x6B DHE-RSA-AES256-SHA256           TLSv1.2  Kx=DH      Au=RSA    Enc=AES(256)      Mac=SHA256
0x00,0x3C -  AES128-SHA256                   TLSv1.2  Kx=RSA  Au=RSA   Enc=AES(128)      Mac=SHA256
0x00,0x38 DHE-DSS-AES256-SHA             SSLv3    Kx=DH      Au=DSS   Enc=AES(256)      Mac=SHA1
0x00,0x3D -  AES256-SHA256                   TLSv1.2  Kx=RSA  Au=RSA    Enc=AES(256)      Mac=SHA256
0x00,0x39 DHE-RSA-AES256-SHA             SSLv3    Kx=DH      Au=RSA    Enc=AES(256)      Mac=SHA1
0x00,0x2F AES128-SHA                     SSLv3    Kx=RSA  Au=RSA   Enc=AES(128)      Mac=SHA1
0xC0,0x12 ECDHE-RSA-DES-CBC3-SHA          SSLv3    Kx=ECDH   Au=RSA   Enc=3DES(168)     Mac=SHA1
0x00,0x35 -  AES256-SHA                     SSLv3    Kx=RSA  Au=RSA    Enc=AES(256)      Mac=SHA1
0xC0,0x08 ECDHE-ECDSA-DES-CBC3-SHA       SSLv3    Kx=ECDH   Au=ECDSA  Enc=3DES(168)     Mac=SHA1
0x00,0x6A DHE-DSS-AES256-SHA256          TLSv1.2  Kx=DH   Au=DSS   Enc=AES(256)       Mac=SHA256
0x00,0x16 EDH-RSA-DES-CBC3-SHA           SSLv3    Kx=DH      Au=RSA    Enc=3DES(168)      Mac=SHA1
0x00,0x32 DHE-DSS-AES128-SHA             SSLv3    Kx=DH   Au=DSS    Enc=AES(128)       Mac=SHA1
0x00,0x9C AES128-GCM-SHA256              TLSv1.2  Kx=RSA    Au=RSA    Enc=AESGCM(128)   Mac=AEAD
0x00,0x0A -  DES-CBC3-SHA                   SSLv3    Kx=RSA  Au=RSA    Enc=3DES(168)      Mac=SHA1
0x00,0x9D AES256-GCM-SHA384              TLSv1.2  Kx=RSA    Au=RSA   Enc=AESGCM(256)   Mac=AEAD
0x00,0x9A DHE-RSA-SEED-SHA                SSLv3    Kx=DH    Au=RSA    Enc=SEED(128)     Mac=SHA1
0x00,0x3C AES128-SHA256                  TLSv1.2  Kx=RSA    Au=RSA    Enc=AES(128)       Mac=SHA256
0x00,0x99 DHE-DSS-SEED-SHA                SSLv3    Kx=DH    Au=DSS   Enc=SEED(128)     Mac=SHA1
0x00,0x3D AES256-SHA256                  TLSv1.2  Kx=RSA    Au=RSA    Enc=AES(256)       Mac=SHA256
0xCC,0x15 DHE-RSA-CHACHA20-POLY1305      TLSv1.2  Kx=DH    Au=RSA    Enc=ChaCha20(256) Mac=AEAD
0x00,0x2F AES128-SHA                      SSLv3    Kx=RSA    Au=RSA    Enc=AES(128)       Mac=SHA1
0xC0,0x77 ECDHE-RSA-CAMELLIA256-SHA384    TLSv1.2  Kx=ECDH  Au=RSA    Enc=Camellia(256) Mac=SHA384
0x00,0x35 AES256-SHA                      SSLv3    Kx=RSA    Au=RSA    Enc=AES(256)       Mac=SHA1
0xC0,0x73 ECDHE-ECDSA-CAMELLIA256-SHA384  TLSv1.2  Kx=ECDH  Au=ECDSA  Enc=Camellia(256) Mac=SHA384
0xC0,0x22 SRP-DSS-AES-256-CBC-SHA        SSLv3    Kx=SRP    Au=DSS    Enc=AES(256)       Mac=SHA1
0x00,0xC4 DHE-RSA-CAMELLIA256-SHA256      TLSv1.2  Kx=DH    Au=RSA    Enc=Camellia(256) Mac=SHA256
0xC0,0x21 SRP-RSA-AES-256-CBC-SHA        SSLv3    Kx=SRP    Au=RSA    Enc=AES(256)       Mac=SHA1
0x00,0xC3 DHE-DSS-CAMELLIA256-SHA256      TLSv1.2  Kx=DH    Au=DSS    Enc=Camellia(256) Mac=SHA256
0xC0,0x20 SRP-AES-256-CBC-SHA             SSLv3    Kx=SRP    Au=SRP   Enc=AES(256)       Mac=SHA1
0x00,0x88 DHE-RSA-CAMELLIA256-SHA        SSLv3    Kx=DH    Au=RSA    Enc=Camellia(256) Mac=SHA1
0x00,0xA5 DH-DSS-AES256-GCM-SHA384        TLSv1.2  Kx=DH/DSS  Au=DH    Enc=AESGCM(256)   Mac=AEAD
0x00,0x87 DHE-DSS-CAMELLIA256-SHA         SSLv3    Kx=DH    Au=DSS   Enc=Camellia(256) Mac=SHA1
0x00,0xA1 DH-RSA-AES256-GCM-SHA384        TLSv1.2  Kx=DH/RSA Au=DH    Enc=AESGCM(256)   Mac=AEAD
0x00,0xC0 CAMELLIA256-SHA256              TLSv1.2  Kx=RSA  Au=RSA    Enc=Camellia(256) Mac=SHA256
0x00,0x6A DHE-DSS-AES256-SHA256           TLSv1.2  Kx=DH      Au=DSS   Enc=AES(256)       Mac=SHA256
0x00,0x84 CAMELLIA256-SHA                SSLv3    Kx=RSA   Au=RSA    Enc=Camellia(256) Mac=SHA1
0x00,0x69 DH-RSA-AES256-SHA256           TLSv1.2  Kx=DH/RSA Au=DH    Enc=AES(256)       Mac=SHA256
0xC0,0x76 ECDHE-RSA-CAMELLIA128-SHA256   TLSv1.2  Kx=ECDH  Au=RSA   Enc=Camellia(128) Mac=SHA256
0x00,0x68 DH-DSS-AES256-SHA256           TLSv1.2  Kx=DH/DSS  Au=DH    Enc=AES(256)       Mac=SHA256
0xC0,0x72 ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2  Kx=ECDH Au=ECDSA  Enc=Camellia(128) Mac=SHA256
0x00,0x37 DH-RSA-AES256-SHA              SSLv3    Kx=DH/RSA  Au=DH    Enc=AES(256)       Mac=SHA1
0x00,0xBE DHE-RSA-CAMELLIA128-SHA256     TLSv1.2  Kx=DH   Au=RSA    Enc=Camellia(128) Mac=SHA256
0x00,0x36 DH-DSS-AES256-SHA               SSLv3    Kx=DH/DSS  Au=DH    Enc=AES(256)       Mac=SHA1
0x00,0xBD DHE-DSS-CAMELLIA128-SHA256      TLSv1.2  Kx=DH   Au=DSS    Enc=Camellia(128) Mac=SHA256
0x00,0x95 RSA-PSK-AES256-CBC-SHA         SSLv3    Kx=RSAPSK  Au=RSA   Enc=AES(256)       Mac=SHA1
0x00,0x45 DHE-RSA-CAMELLIA128-SHA         SSLv3    Kx=DH   Au=RSA    Enc=Camellia(128) Mac=SHA1
0xC0,0x1F SRP-DSS-AES-128-CBC-SHA        SSLv3    Kx=SRP    Au=DSS   Enc=AES(128)       Mac=SHA1
0x00,0x44 DHE-DSS-CAMELLIA128-SHA         SSLv3    Kx=DH    Au=DSS   Enc=Camellia(128) Mac=SHA1
0xC0,0x1E SRP-RSA-AES-128-CBC-SHA         SSLv3    Kx=SRP    Au=RSA    Enc=AES(128)       Mac=SHA1
0x00,0xBA CAMELLIA128-SHA256              TLSv1.2  Kx=RSA  Au=RSA   Enc=Camellia(128) Mac=SHA256
0xC0,0x1D  -  SRP-AES-128-CBC-SHA            SSLv3    Kx=SRP    Au=SRP    Enc=AES(128)      Mac=SHA1
0x00,0x41 CAMELLIA128-SHA                 SSLv3    Kx=RSA  Au=RSA    Enc=Camellia(128)  Mac=SHA1
0x00,0xA4  -  DH-DSS-AES128-GCM-SHA256        TLSv1.2  Kx=DH/DSS  Au=DH    Enc=AESGCM(128)    Mac=AEAD
0x00,0x96 SEED-SHA                       SSLv3    Kx=RSA  Au=RSA    Enc=SEED(128)      Mac=SHA1
0x00,0xA0  -  DH-RSA-AES128-GCM-SHA256        TLSv1.2  Kx=DH/RSA  Au=DH    Enc=AESGCM(128)    Mac=AEAD
0x00,0x3F  -  DH-RSA-AES128-SHA256            TLSv1.2  Kx=DH/RSA  Au=DH    Enc=AES(128)      Mac=SHA256
0x00,0x3E  -  DH-DSS-AES128-SHA256            TLSv1.2  Kx=DH/DSS  Au=DH    Enc=AES(128)      Mac=SHA256
0x00,0x32  -  DHE-DSS-AES128-SHA              SSLv3    Kx=DH      Au=DSS    Enc=AES(128)      Mac=SHA1
0x00,0x31  -  DH-RSA-AES128-SHA              SSLv3    Kx=DH/RSA  Au=DH    Enc=AES(128)      Mac=SHA1
0x00,0x30  -  DH-DSS-AES128-SHA              SSLv3    Kx=DH/DSS  Au=DH    Enc=AES(128)      Mac=SHA1
0x00,0x94  -  RSA-PSK-AES128-CBC-SHA          SSLv3    Kx=RSAPSK  Au=RSA    Enc=AES(128)      Mac=SHA1
0x00,0x0A  -  DES-CBC3-SHA                    SSLv3    Kx=RSA    Au=RSA    Enc=3DES(168)      Mac=SHA1
0xCC,0x14  -  ECDHE-ECDSA-CHACHA20-POLY1305  TLSv1.2  Kx=ECDH    Au=ECDSA  Enc=ChaCha20(256)  Mac=AEAD
0xCC,0x13  -  ECDHE-RSA-CHACHA20-POLY1305    TLSv1.2  Kx=ECDH    Au=RSA    Enc=ChaCha20(256)  Mac=AEAD
0xCC,0x15  -  DHE-RSA-CHACHA20-POLY1305      TLSv1.2  Kx=DH      Au=RSA    Enc=ChaCha20(256)  Mac=AEAD
0xC0,0x77  -  ECDHE-RSA-CAMELLIA256-SHA384    TLSv1.2  Kx=ECDH    Au=RSA    Enc=Camellia(256)  Mac=SHA384
0xC0,0x73  -  ECDHE-ECDSA-CAMELLIA256-SHA384  TLSv1.2  Kx=ECDH    Au=ECDSA  Enc=Camellia(256)  Mac=SHA384
0x00,0xC4  -  DHE-RSA-CAMELLIA256-SHA256      TLSv1.2  Kx=DH      Au=RSA    Enc=Camellia(256)  Mac=SHA256
0x00,0xC3  -  DHE-DSS-CAMELLIA256-SHA256      TLSv1.2  Kx=DH      Au=DSS    Enc=Camellia(256)  Mac=SHA256
0x00,0xC2  -  DH-RSA-CAMELLIA256-SHA256      TLSv1.2  Kx=DH/RSA  Au=DH    Enc=Camellia(256)  Mac=SHA256
0x00,0xC1  -  DH-DSS-CAMELLIA256-SHA256      TLSv1.2  Kx=DH/DSS  Au=DH    Enc=Camellia(256)  Mac=SHA256
0x00,0x88  -  DHE-RSA-CAMELLIA256-SHA        SSLv3    Kx=DH      Au=RSA    Enc=Camellia(256)  Mac=SHA1
0x00,0x87  -  DHE-DSS-CAMELLIA256-SHA        SSLv3    Kx=DH      Au=DSS    Enc=Camellia(256)  Mac=SHA1
0x00,0x86  -  DH-RSA-CAMELLIA256-SHA          SSLv3    Kx=DH/RSA  Au=DH    Enc=Camellia(256)  Mac=SHA1
0x00,0x85  -  DH-DSS-CAMELLIA256-SHA          SSLv3    Kx=DH/DSS  Au=DH    Enc=Camellia(256)  Mac=SHA1
0x00,0xC0  -  CAMELLIA256-SHA256              TLSv1.2  Kx=RSA    Au=RSA    Enc=Camellia(256)  Mac=SHA256
0x00,0x84  -  CAMELLIA256-SHA                SSLv3    Kx=RSA    Au=RSA    Enc=Camellia(256)  Mac=SHA1
0xC0,0x76  -  ECDHE-RSA-CAMELLIA128-SHA256    TLSv1.2  Kx=ECDH    Au=RSA    Enc=Camellia(128)  Mac=SHA256
0xC0,0x72  -  ECDHE-ECDSA-CAMELLIA128-SHA256  TLSv1.2  Kx=ECDH    Au=ECDSA  Enc=Camellia(128)  Mac=SHA256
0x00,0xBE  -  DHE-RSA-CAMELLIA128-SHA256      TLSv1.2  Kx=DH      Au=RSA    Enc=Camellia(128)  Mac=SHA256
0x00,0xBD  -  DHE-DSS-CAMELLIA128-SHA256      TLSv1.2  Kx=DH      Au=DSS    Enc=Camellia(128)  Mac=SHA256
0x00,0xBC  -  DH-RSA-CAMELLIA128-SHA256      TLSv1.2  Kx=DH/RSA  Au=DH    Enc=Camellia(128)  Mac=SHA256
0x00,0xBB  -  DH-DSS-CAMELLIA128-SHA256      TLSv1.2  Kx=DH/DSS  Au=DH    Enc=Camellia(128)  Mac=SHA256
0x00,0x45  -  DHE-RSA-CAMELLIA128-SHA        SSLv3    Kx=DH      Au=RSA    Enc=Camellia(128)  Mac=SHA1
0x00,0x44  -  DHE-DSS-CAMELLIA128-SHA        SSLv3    Kx=DH      Au=DSS    Enc=Camellia(128)  Mac=SHA1
0x00,0x43  -  DH-RSA-CAMELLIA128-SHA          SSLv3    Kx=DH/RSA  Au=DH    Enc=Camellia(128)  Mac=SHA1
0x00,0x42  -  DH-DSS-CAMELLIA128-SHA          SSLv3    Kx=DH/DSS  Au=DH    Enc=Camellia(128)  Mac=SHA1
0x00,0xBA  -  CAMELLIA128-SHA256              TLSv1.2  Kx=RSA    Au=RSA    Enc=Camellia(128)  Mac=SHA256
0x00,0x41  -  CAMELLIA128-SHA                SSLv3    Kx=RSA    Au=RSA    Enc=Camellia(128)  Mac=SHA1
0xC0,0x1C  -  SRP-DSS-3DES-EDE-CBC-SHA        SSLv3    Kx=SRP    Au=DSS    Enc=3DES(168)      Mac=SHA1
0xC0,0x1B  -  SRP-RSA-3DES-EDE-CBC-SHA        SSLv3    Kx=SRP    Au=RSA    Enc=3DES(168)      Mac=SHA1
0xC0,0x1A  -  SRP-3DES-EDE-CBC-SHA            SSLv3    Kx=SRP    Au=SRP    Enc=3DES(168)      Mac=SHA1
0x00,0x10  -  DH-RSA-DES-CBC3-SHA            SSLv3    Kx=DH/RSA  Au=DH    Enc=3DES(168)      Mac=SHA1
0x00,0x0D  -  DH-DSS-DES-CBC3-SHA            SSLv3    Kx=DH/DSS Au=DH    Enc=3DES(168)      Mac=SHA1
0x00,0x93 RSA-PSK-3DES-EDE-CBC-SHA       SSLv3    Kx=RSAPSK  Au=RSA    Enc=3DES(168)      Mac=SHA1
</source>
</source>


The ciphers are described here: http://www.openssl.org/docs/apps/ciphers.html
Rationale:
 
* You should take a hard look at your infrastructure needs before using this configuration; it is intended for special use cases only, and most servers should use the intermediate configuration instead.
= Prioritization logic =
* SSLv3 is enabled to support WinXP SP2 clients on IE.
 
* SHA1 certificates are authorized but only via certificate switching, meaning the server must implement custom logic to provide a SHA1 certs to old clients, and SHA256 certs to all others. More information in the "Certificates Switching" section later in this document.
# ECDHE+AESGCM ciphers are selected first. These are TLS 1.2 ciphers and not widely supported at the moment. No known attack currently target these ciphers.
* Most ciphers that are not clearly broken and dangerous to use are supported
# [[#Forward_Secrecy|PFS]] ciphersuites are preferred, with ECDHE first, then DHE.
# SHA256 signature is preferred to SHA-1 in ciphers and certificates. MD5 is disallowed entirely.
# AES 128 is preferred to AES 256. There has been [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg11247.html discussions] on whether AES256 extra security was worth the cost, and the result is far from obvious. At the moment, AES128 is preferred, because it provides good security, is really fast, and seems to be more resistant to timing attacks.
# In the backward compatible ciphersuite, AES is preferred to 3DES. [[#Attacks_on_TLS|BEAST]] attacks on AES are mitigated in TLS 1.1 and above, and difficult to achieve in TLS 1.0. In the modern configuration, 3DES is not present.
# RC4 is removed entirely. 3DES is used for backward compatibility. See discussion in [[#RC4_weaknesses]]


= Mandatory discards =
= Mandatory discards =
Line 228: Line 258:
* disable DHE altogether, relying on ECDHE for PFS if you don't support legacy clients lacking ECDHE support (see [[#DHE_and_ECDHE_support]]).
* disable DHE altogether, relying on ECDHE for PFS if you don't support legacy clients lacking ECDHE support (see [[#DHE_and_ECDHE_support]]).


It is currently assumed that standardized 2048 bits DH groups provide sufficient security to resist factorization attacks. However, the careful administrator should generate a random DH group instead of using a  
It is currently assumed that standardized 2048 bits DH groups provide sufficient security to resist factorization attacks. However, the careful administrator should generate a random DH group instead of using a
standardized one when setting up a new server, as advised by the [https://weakdh.org|logjam] authors.
standardized one when setting up a new server, as advised by the [https://weakdh.org|logjam] authors.


Line 256: Line 286:
|-
|-
! Java supported !! ECDHE prioritized !! smallest DH parameter size
! Java supported !! ECDHE prioritized !! smallest DH parameter size
|-  
|-
|  6 || irrelevant || 1024
|  6 || irrelevant || 1024
|-  
|-
|  7 || NO || 1024
|  7 || NO || 1024
|-  
|-
|  7 || YES || 2048
|  7 || YES || 2048
|-  
|-
|  8 || irrelevant || 2048
|  8 || irrelevant || 2048
|}
|}
Line 281: Line 311:


<pre>
<pre>
Authority Information Access:  
Authority Information Access:
       OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
       OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
</pre>
</pre>
Line 330: Line 360:
Due to its experimental nature, HPKP is currently '''not''' recommended on production sites. More informations can be found on the [https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning MDN description page].
Due to its experimental nature, HPKP is currently '''not''' recommended on production sites. More informations can be found on the [https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning MDN description page].


= Recommended Server Configurations =
= Certificates Switching =


Try out our configuration generator to create a sample configuration file for various servers. Click the image below:
Certificates Switching is a technique by which a server provides a different X.509 certificate to a client based on specific selection criteria. This technique is used primarily to maintain backward compatibility with very old clients, such as Internet Explorer 6 on Windows XP SP2.


[[Image:Server-side-tls-config-generator.png|link=https://mozilla.github.io/server-side-tls/ssl-config-generator/]]
On XPSP2, IE6 is only able to establish connections to servers that provide a certificate signed with sha1WithRSAEncryption. Those certificates are note issued by modern CAs anymore, and all sites have been encouraged to upgrade to SHA-256 certificates. As modern browsers gradually block connections backed by SHA-1 certificates, sites that need to maintain compatibility with XPSP2 must implement certificates switching to provide a SHA-1 cert to old clients and a SHA-256 cert to modern ones.


== Nginx ==
Certificate switching can be implemented in various ways. A simplistic approach is to select the certificate based on the protocol version (SHA-256 to TLS clients, SHA-1 to SSLv3 ones). A more sophisticated approach consists at looking inside the CLIENT HELLO for SHA-256 support in the "signature_algorithms" extension.


Nginx provides OCSP Stapling, custom DH parameters, and the full flavor of TLS versions (from OpenSSL).
Few servers currently support cert switching. It is possible to implement it using [https://jve.linuxwall.info/blog/index.php?post/2015/10/04/SHA1/SHA256-certificate-switching-with-HAProxy HAProxy], and vendors like Cloudflare propose it in their offering.


<pre>
= Recommended Server Configurations =
server {
    listen 443 ssl;


    # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
All configuration samples have been moved to the configuration generator and the [[Security/TLS_Configurations]] archive. Access the generator by clicking the image below:
    ssl_certificate /path/to/signed_cert_plus_intermediates;
    ssl_certificate_key /path/to/private_key;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:5m;


    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
[[Image:Server-side-tls-config-generator.png|link=https://mozilla.github.io/server-side-tls/ssl-config-generator/]]
    ssl_dhparam /path/to/dhparam.pem;


    # Intermediate configuration. tweak to your needs.
= Tools =
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
== CipherScan ==
    ssl_ciphers '<paste intermediate ciphersuite here>';
    ssl_prefer_server_ciphers on;
    # Enable this if your want HSTS (recommended)
    # add_header Strict-Transport-Security max-age=15768000;
    # OCSP Stapling ---
    # fetch OCSP records from URL in ssl_certificate and cache them
    ssl_stapling on;
    ssl_stapling_verify on;
    ## verify chain of trust of OCSP response using Root CA and Intermediate certs
    ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
    resolver <IP DNS resolver>;
    ....
}
</pre>


== Apache ==
See https://github.com/jvehent/cipherscan
Apache supports OCSP Stapling, but only in httpd 2.3.3 and later.


Before Apache 2.4.7, the DH parameter is always set to 1024 bits and is not user configurable. This has been fixed in mod_ssl 2.4.7 that Red Hat has backported into their RHEL 6 Apache 2.2 distribution with httpd-2.2.15-32.el6. Future versions of Apache will automatically select a better value for the DH parameter.
Cipherscan is a small Bash script that connects to a target and list the preferred Ciphers. It's an easy way to test a web server for available ciphers, PFS key size, elliptic curves, support for OCSP Stapling, TLS ticket lifetime and certificate trust.


<pre>
<source lang="bash">
<VirtualHost *:443>
$ ./cipherscan jve.linuxwall.info
    ...
..........................
    SSLEngine on
prio  ciphersuite                  protocols              pfs_keysize
    SSLCertificateFile      /path/to/signed_certificate
1    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits
    SSLCertificateChainFile /path/to/intermediate_certificate
2    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits
    SSLCertificateKeyFile  /path/to/private/key
3    DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,4096bits
    SSLCACertificateFile    /path/to/all_ca_certs
4    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                DH,4096bits
 
    # Intermediate configuration, tweak to your needs
    SSLProtocol            all -SSLv2 -SSLv3
    SSLCipherSuite          <paste intermediate ciphersuite here>
    SSLHonorCipherOrder    on
    SSLCompression          off
 
    # OCSP Stapling, only in httpd 2.3.3 and later
    SSLUseStapling          on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off
    # On Apache 2.4+, SSLStaplingCache must be set *outside* of the VirtualHost
    SSLStaplingCache        shmcb:/var/run/ocsp(128000)
    # Enable this if your want HSTS (recommended)
    # Header add Strict-Transport-Security "max-age=15768000"
    ...
</VirtualHost>
# TLS Session cache, outside of virtual host, apache 2.4+
# the path doesn't need to exist
SSLSessionCache        shmcb:/path/to/ssl_gcache_data(5120000)
</pre>
 
== Haproxy ==
 
SSL support in Haproxy is stable in 1.5. Haproxy supports OCSP Stapling and custom DH parameters size. It can be used as a TLS termination in AWS using ELBs and the PROXY protocol. See [https://jve.linuxwall.info/ressources/taf/haproxy-aws/ Guidelines for HAProxy termination in AWS]
 
<pre>
global
    # set default parameters to the Intermediate configuration
    tune.ssl.default-dh-param 2048
    ssl-default-bind-ciphers <paste intermediate ciphersuite here>
 
frontend ft_test
    mode    http
    bind    0.0.0.0:443 ssl no-sslv3 crt /path/to/<cert+privkey+intermediate+dhparam>
    # Enable this if your want HSTS (recommended)
    # rspadd  Strict-Transport-Security:\ max-age=15768000
</pre>
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">OCSP Stapling support</div>
While HAProxy can serve OCSP stapled responses, it cannot fetch and update OCSP records from the CA automatically. The OCSP response must be downloaded by another process and placed next to the certificate, with a '.ocsp' extension.
<pre>
/etc/haproxy/certs/
├── ca.pem
├── server_cert.pem
├── server_bundle.pem
└── server_bundle.pem.ocsp
</pre>
The file 'server_bundle.pem.ocsp' must be retrieved and updated at regular intervals. A cronjob can be used for this:
<pre>
$ openssl ocsp -noverify -issuer /etc/haproxy/certs/ca.pem \
-cert /etc/haproxy/certs/server_cert.pem \
-url http://ocsp.startssl.com/sub/class1/server/ca \
-no_nonce -header Host ocsp.startssl.com \
-respout /etc/haproxy/certs/server_bundle.pem.ocsp
</pre>
The URL above is taken from the server certificate:
<pre>
$ openssl x509 -in server_cert.pem -text | grep OCSP
OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
</pre>
 
== Stud ==
 
Stud is a lightweight SSL termination proxy. It's basically a wrapper for OpenSSL. Stud is not being heavily developed, and features such as OCSP stapling are missing. But it is very lightweight and efficient, and with a recent openssl, supports all the TLS 1.2 ciphers.
<pre>
# SSL x509 certificate file. REQUIRED.
# List multiple certs to use SNI. Certs are used in the order they
# are listed; the last cert listed will be used if none of the others match
#
# type: string
pem-file = "<concatenate cert + privkey + dhparam>"
# SSL protocol.
#
tls = on
ssl = on
# List of allowed SSL ciphers.
#
# Run openssl ciphers for list of available ciphers.
# type: string
ciphers = "<paste intermediate ciphersuite here>"
# Enforce server cipher list order
#
# type: boolean
prefer-server-ciphers = on
</pre>
 
== Amazon Web Services Elastic Load Balancer (AWS ELB) ==
 
The ELB service supports TLS 1.2 and ciphers ordering, but lacks support for custom DH parameters and OCSP Stapling.
 
The default configuration of ELBs has old settings, that can be customized in the Web Console or via the API. We recommend that you use the [[Security/Server_Side_TLS#elb_ciphers.py]] to enforce the right TLS configuration on an elastic load balancer.
 
Below is a side-by-side comparison of the 'intermediate' recommended configuration versus the default ELB configuration. The top ciphers are the same, but SSLv3 and various deprecated ciphers are removed from the intermediate configuration.
 
<source>
= INTERMEDIATE configuration =                                              |  = default ELB configuration =
                                                                            |
prio  ciphersuite                  protocols              pfs_keysize        |  prio  ciphersuite                  protocols                    pfs_keysize
1    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits |  1    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                      ECDH,P-256,256bits
2    ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits |  2    ECDHE-RSA-AES128-SHA256      TLSv1.2                      ECDH,P-256,256bits
3    ECDHE-RSA-AES128-SHA        TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits |  3    ECDHE-RSA-AES128-SHA        SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
4    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits |  4    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                      ECDH,P-256,256bits
5    ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits |  5    ECDHE-RSA-AES256-SHA384      TLSv1.2                      ECDH,P-256,256bits
6    ECDHE-RSA-AES256-SHA        TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits |  6    ECDHE-RSA-AES256-SHA        SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
7    AES128-GCM-SHA256            TLSv1.2                                  |  7    AES128-GCM-SHA256            TLSv1.2
8    AES128-SHA256                TLSv1.2                                  |  8    AES128-SHA256                TLSv1.2
9    AES128-SHA                  TLSv1,TLSv1.1,TLSv1.2                    |  9    AES128-SHA                  SSLv3,TLSv1,TLSv1.1,TLSv1.2
10    AES256-GCM-SHA384            TLSv1.2                                  |  10    AES256-GCM-SHA384            TLSv1.2
11    AES256-SHA256                TLSv1.2                                  |  11    AES256-SHA256                TLSv1.2
12    AES256-SHA                  TLSv1,TLSv1.1,TLSv1.2                    |  12    AES256-SHA                  SSLv3,TLSv1,TLSv1.1,TLSv1.2
13    DHE-RSA-AES128-SHA          TLSv1,TLSv1.1,TLSv1.2  DH,1024bits        |  13    DHE-RSA-AES128-SHA          SSLv3,TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
14    CAMELLIA128-SHA              TLSv1,TLSv1.1,TLSv1.2                    |  14    ECDHE-RSA-RC4-SHA            SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
15    DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,1024bits        |  15    RC4-SHA                      SSLv3,TLSv1,TLSv1.1,TLSv1.2
16    DHE-RSA-AES256-SHA256        TLSv1.2                DH,1024bits        |
17    DHE-RSA-AES256-SHA          TLSv1,TLSv1.1,TLSv1.2  DH,1024bits        |  Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
18    CAMELLIA256-SHA              TLSv1,TLSv1.1,TLSv1.2                    |  TLS ticket lifetime hint: 300
19    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                DH,1024bits        |  OCSP stapling: not supported
20    DHE-RSA-AES128-SHA256        TLSv1.2                DH,1024bits        |
                                                                            |
Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature            |
TLS ticket lifetime hint: 300                                                |
OCSP stapling: not supported                                                |
</source>
 
If you want better control over TLS than ELB provide, another option in AWS is to terminate SSL on HAproxy, using the PROXY protocol between ELB and HAproxy. https://jve.linuxwall.info/ressources/taf/haproxy-aws/
 
== Zeus Load Balancer (Riverbed Stingray) ==
ZLB supports TLS1.2 and OCSP Stapling. It lacks support for Elliptic Curves and AES-GCM.
As of Riverbed Steelhead 9.6, TLS parameters are configurable per site.
 
The recommended prioritization is:
# SSL_DHE_RSA_WITH_AES_128_CBC_SHA
# SSL_DHE_RSA_WITH_AES_256_CBC_SHA
# SSL_RSA_WITH_AES_128_CBC_SHA
# SSL_RSA_WITH_AES_256_CBC_SHA
# SSL_RSA_WITH_3DES_EDE_CBC_SHA
 
The following strings can be used directly in the ZLB configuration, under global settings > ssl3_ciphers.
'''with 3DES'''
<source lang="bash">
SSL_DHE_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA
</source>
'''without 3DES'''
<source lang="bash">
SSL_DHE_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA
</source>
 
While the recommended DH prime size is 2048, problems with client libraries, such as Java 6/7, make this impossible to deploy for now. Therefore, a DH prime of 1024 bits should be used until all clients are compatible with larger primes.
 
== Citrix Netscaler ==
 
There is an issue with Netscaler's TLS1.2 and DHE ciphers. When DHE is used, the TLS handshake fails with a fatal 'Decode error'.
TLS1.2 works fine with AES and RC4 ciphers.
 
Netscaler documentation is at http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-ssl-supported-ciphers-list-ref.html
 
The configuration sample below shows how a default ciphersuite object can be created and attached to a vserver.
 
First, create a default ciphersuite that can be used in all vservers.
<pre>
> add ssl cipher MozillaDefault
> bind ssl cipher MozillaDefault -cipherName TLS1-DHE-DSS-AES-128-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName TLS1-DHE-RSA-AES-128-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName TLS1-DHE-DSS-AES-256-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName TLS1-DHE-RSA-AES-256-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName TLS1-AES-128-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName TLS1-AES-256-CBC-SHA
> bind ssl cipher MozillaDefault -cipherName SSL3-DES-CBC3-SHA
</pre>
 
Second, create a DH parameter. If backward compatibility with Java 6/7 isn't needed, use 2048 instead of 1024.
<pre>
> create ssl dhparam /nsconfig/ssl/dh1024.pem 1024 -gen 5
</pre>
 
Third, configure the vserver to use the default ciphersuite and DH parameter.
<pre>
> add ssl certKey <domain> -cert <cert> -key <key>
> add ssl certKey <intermediateCertName> -cert <intermediateCertName>
> link ssl certKey <domain> <intermediateCertName>
> set ssl vserver <domain>:https -eRSA ENABLED
> bind ssl vserver <domain>:https -cipherName MozillaDefault
> set ssl vserver <domain>:https -dh ENABLED -dhFile /nsconfig/ssl/dh1024.pem -dhCount 1000
</pre>
 
The resulting configuration can be viewed with 'show ssl'
<pre>
> show ssl vserver marketplace.firefox.com:https
 
    Advanced SSL configuration for VServer marketplace.firefox.com:https:
    DH: ENABLED    DHParam File: /nsconfig/ssl/dh1024.pem    Refresh Count: 1000
    Ephemeral RSA: ENABLED        Refresh Count: 0
    Session Reuse: ENABLED        Timeout: 120 seconds
    Cipher Redirect: DISABLED
    SSLv2 Redirect: DISABLED
    ClearText Port: 0
    Client Auth: DISABLED
    SSL Redirect: DISABLED
    Non FIPS Ciphers: DISABLED
    SNI: DISABLED
    SSLv2: DISABLED    SSLv3: ENABLED    TLSv1: ENABLED
    Push Encryption Trigger: Always
    Send Close-Notify: YES
 
1)    CertKey Name: marketplace.mozilla.org.san    Server Certificate
1)    Cipher Name: MozillaDefault    Description: User Created Cipher Group
</pre>
 
== Go ==
 
The Go standard library supports TLS1.2 and a limited subset of ECDHE and GCM ciphers. To configure a Go program accepting TLS connections, use the following code:
 
<source lang="python">
    config := tls.Config{
        MinVersion:              tls.VersionTLS10,
        PreferServerCipherSuites: true,
        CipherSuites: []uint16{
            tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
            tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
            tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
            tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
            tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
            tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
            tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
            tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA},
    }
</source>
 
== F5 BIG-IP ==
 
BIG-IP uses SSL profiles which may be applied to one or multiple 'virtual servers' (VIPs). SSL profiles may use F5's default recommended cipher suites or may be manually configured to explicitly state which, and in what order, they are applied. SSL profiles can make use of multiple key types and support alternate key chains for each type (RSA, DSA and ECDSA). This can be performed either via the management web interface or via the TMOS command line (console or SSH).
 
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">Configuring Recommended Cipher-suites</div>
 
To create a new SSL profile to conform to the '''Modern Compatibility''' cipher suite use the tmsh create profile command as follows...
 
<pre>
tmsh create /ltm profile client-ssl moz_modern ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE+AES-GCM:
ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-CBC-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:
ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-CBC-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:
DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!EXPORT:!DES:!RC4:!3DES:!MD5
</pre>
 
Note that Null ciphers are automatically rejected and are only made available if explicitly allowed by the F5 administrator.
 
Currently DHE-RSA-AES128-SHA256 & DHE-RSA-AES256-SHA256 are not available in TMOS v11.6.x. This is expected to be resolved in an upcoming hotfix and the next major release of TMOS. The full list of support ciphers is available here: https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html
 
To apply this new profile to an existing virtual server use either the management web interface or the following command line:
 
<pre>tmsh modify /ltm virtual my_virtual_server profiles add { moz_modern }</pre>
 
Any subsequenty changes to the SSL profile do not need to be manually re-applied to the LTM virtual server.
 
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">OCSP Stapling</div>
 
Using the '''modify''' command allows us to easily add settings to our new SSL profile. Adding OCSP stapling is a 3 step process. First we must create a DNS resolver for outbound queries. Secondly we create our OCSP Stapling profile making use of this DNS resolver. Finally we add the OCSP Stapling profile to our SSL profile.
 
'''1. Creating the DNS resolver'''
This command creates a DNS resolver for all domains (.) and uses Googles public DNS servers
 
<pre>tmsh create net dns-resolver myResolver forward-zones add { . { nameservers add { 8.8.8.8:53 } nameservers add { 8.8.4.4:53 } } }</pre>
 
'''2. Creating the OCSP Stapling profile'''
The following command is used to create an OCSP stapling profile called '''myOCSP''' with our new DNS resolver '''myResolver'''
 
<pre>tmsh create ltm profile ocsp-stapling-params myOCSP dns-resolver myResolver trusted-ca ca-bundle.crt</pre>
 
'''3. Applying the OCSP Stapling profile to the DNS profile'''
Using the '''modify''' command we will replace the default certificate and key in our existing SSL profile with the same default cert/key but, this time, making using of our new OCSP profile.
 
<pre>tmsh modify ltm profile client-ssl moz_modern cert-key-chain replace-all-with { default { cert default.crt key default.key ocsp-stapling-params myOCSP } }</pre>
 
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">Session Resumption</div>
 
To enable session resumption using Session Tickets enable the option in the SSL profile via the management web interface or use the '''session-ticket enabled''' parameter when creating the profile at the command line. Again, we can use the '''modify''' command to append this to our existing '''moz_modern''' SSL profile.
 
For example:
 
<pre>tmsh modify /ltm profile client-ssl moz_modern session-ticket enabled</pre>
 
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">Viewing the config</div>
 
To confirm the configuration of your new SSL profile and to ensure that it is correctly applied to your virtual server use the '''list''' command.
 
View your SSL profile:
 
<pre>tmsh list ltm profile client-ssl moz_modern</pre>
 
Which outputs all configuration paratmers of the profile called '''moz_modern''':
 
<source>ltm profile client-ssl moz_modern {
    app-service none
    cert-key-chain {
        default {
            cert default.crt
            key default.key
            ocsp-stapling-params myOCSP
        }
    }
    ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE+AES-GCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-CBC-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-CBC-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!EXPORT:!DES:!RC4:!3DES:!MD5
    inherit-certkeychain true
    session-ticket enabled
}
</source>
 
And to check it is correctly applied to your virtual server:
 
<pre>list ltm virtual vs_myWebsite</pre>
 
Which should list the SSL profile by name:
 
<source>ltm virtual vs_myWebsite {
    destination 10.0.0.100:https
    ip-protocol tcp
    mask 255.255.255.255
    pool pool_webServers
    profiles {
        http { }
        http2 { }
        manual_profile { }
        moz_modern {
            context clientside
        }
        spdy { }
        tcp { }
        wan-optimized-compression { }
    }
    rules { }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 4
}
</source>
 
<div style="font-family: 'Fira Sans','Trebuchet MS',sans-serif !important; font-size: 140%; font-weight: bold; line-height: 1.6">Enabling HSTS</div>
 
iRules are F5's flexible scripting language and can be used to easily enable HSTS for any TLS website. The standard HTTP should have redirection configured to send users to the HTTPS site. The following simple iRule is then applied to the HTTPS virtual server to insert the HSTS header enabling the maximum allowed age and including sub domains.
 
<source>
when HTTP_RESPONSE {
  HTTP::header insert Strict-Transport-Security "max-age=15768000; includeSubDomains"
}
</source>
 
= CipherScan =
 
See https://github.com/jvehent/cipherscan
 
Cipherscan is a small Bash script that connects to a target and list the preferred Ciphers. It's an easy way to test a web server for available ciphers, PFS key size, elliptic curves, support for OCSP Stapling, TLS ticket lifetime and certificate trust.
 
<source lang="bash">
$ ./cipherscan jve.linuxwall.info
..........................
prio  ciphersuite                  protocols              pfs_keysize
1    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits
2    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits
3    DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,4096bits
4    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                DH,4096bits
5    ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits
5    ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits
6    ECDHE-RSA-AES128-SHA        TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
6    ECDHE-RSA-AES128-SHA        TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
Line 781: Line 418:
</source>
</source>


= SSL Labs (Qualys) =
== SSL Labs (Qualys) ==


Available here: https://www.ssllabs.com/ssltest/
Available here: https://www.ssllabs.com/ssltest/
Line 789: Line 426:
GlobalSign has a modified interface of SSL Labs that is interesting as well: https://sslcheck.globalsign.com/
GlobalSign has a modified interface of SSL Labs that is interesting as well: https://sslcheck.globalsign.com/


= elb_ciphers.py =
= Attacks on SSL and TLS =
This python script uses boto to create a TLS policy and apply it to a given load balancer. Make sure you have an AWS access key configured in ~/.boto to use this script, then invoke it as follow:
== BEAST (CVE-2011-3389) ==
<source lang="bash">
$ python cipher.py us-east-1 stooge-lb-prod-1 modern
New Policy 'Mozilla-OpSec-TLS-Modern-v-3-2' created and applied to load balancer stooge-lb-prod-1 in us-east-1
</source>
If no mode is specified, the intermediate mode will be used. The modes are 'old', 'intermediate' and 'modern', and map to the recommended configurations.
<source lang="python">
#!/usr/bin/env python
 
# Apply recommendation from https://wiki.mozilla.org/Security/Server_Side_TLS
 
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# Contributors:
# Gene Wood [:gene]
# Julien Vehent [:ulfr]
# JP Schneider [:jp]
 
import boto.ec2.elb
import sys
 
if len(sys.argv) < 3:
  print "usage : %s REGION ELB-NAME <MODE>" % sys.argv[0]
  print ""
  print "Example : %s us-west-2 persona-org-0810" % sys.argv[0]
  print "MODE can be 'old', 'intermediate' (default) or 'modern'"
  print "see https://wiki.mozilla.org/Security/Server_Side_TLS"
  sys.exit(1)
 
region = sys.argv[1]
load_balancer_name = sys.argv[2]
try:
    conf_mode = sys.argv[3]
except IndexError:
    conf_mode = 'intermediate'
conn_elb = boto.ec2.elb.connect_to_region(region)
 
#import logging
#logging.basicConfig(level=logging.DEBUG)
 
policy = {'old':{},
          'intermediate':{},
          'modern':{}}
 
policy['old']['name'] = 'Mozilla-OpSec-TLS-Old-v-3-3'
policy['old']['ciphersuite'] = {
                "ECDHE-ECDSA-AES128-GCM-SHA256": True,
                "ECDHE-RSA-AES128-GCM-SHA256": True,
                "ECDHE-ECDSA-AES128-SHA256": True,
                "ECDHE-RSA-AES128-SHA256": True,
                "ECDHE-ECDSA-AES128-SHA": True,
                "ECDHE-RSA-AES128-SHA": True,
                "ECDHE-ECDSA-AES256-GCM-SHA384": True,
                "ECDHE-RSA-AES256-GCM-SHA384": True,
                "ECDHE-ECDSA-AES256-SHA384": True,
                "ECDHE-RSA-AES256-SHA384": True,
                "ECDHE-RSA-AES256-SHA": True,
                "ECDHE-ECDSA-AES256-SHA": True,
                "ADH-AES128-GCM-SHA256": False,
                "ADH-AES256-GCM-SHA384": False,
                "ADH-AES128-SHA": False,
                "ADH-AES128-SHA256": False,
                "ADH-AES256-SHA": False,
                "ADH-AES256-SHA256": False,
                "ADH-CAMELLIA128-SHA": False,
                "ADH-CAMELLIA256-SHA": False,
                "ADH-DES-CBC3-SHA": False,
                "ADH-DES-CBC-SHA": False,
                "ADH-RC4-MD5": False,
                "ADH-SEED-SHA": False,
                "AES128-GCM-SHA256": True,
                "AES256-GCM-SHA384": True,
                "AES128-SHA": True,
                "AES128-SHA256": True,
                "AES256-SHA": True,
                "AES256-SHA256": True,
                "CAMELLIA128-SHA": True,
                "CAMELLIA256-SHA": True,
                "DES-CBC3-MD5": False,
                "DES-CBC3-SHA": True,
                "DES-CBC-MD5": False,
                "DES-CBC-SHA": False,
                "DHE-DSS-AES128-GCM-SHA256": True,
                "DHE-DSS-AES256-GCM-SHA384": True,
                "DHE-DSS-AES128-SHA": True,
                "DHE-DSS-AES128-SHA256": True,
                "DHE-DSS-AES256-SHA": True,
                "DHE-DSS-AES256-SHA256": True,
                "DHE-DSS-CAMELLIA128-SHA": False,
                "DHE-DSS-CAMELLIA256-SHA": False,
                "DHE-DSS-SEED-SHA": False,
                "DHE-RSA-AES128-GCM-SHA256": True,
                "DHE-RSA-AES256-GCM-SHA384": True,
                "DHE-RSA-AES128-SHA": True,
                "DHE-RSA-AES128-SHA256": True,
                "DHE-RSA-AES256-SHA": True,
                "DHE-RSA-AES256-SHA256": True,
                "DHE-RSA-CAMELLIA128-SHA": False,
                "DHE-RSA-CAMELLIA256-SHA": False,
                "DHE-RSA-SEED-SHA": False,
                "EDH-DSS-DES-CBC3-SHA": False,
                "EDH-DSS-DES-CBC-SHA": False,
                "EDH-RSA-DES-CBC3-SHA": False,
                "EDH-RSA-DES-CBC-SHA": False,
                "EXP-ADH-DES-CBC-SHA": False,
                "EXP-ADH-RC4-MD5": False,
                "EXP-DES-CBC-SHA": False,
                "EXP-EDH-DSS-DES-CBC-SHA": False,
                "EXP-EDH-RSA-DES-CBC-SHA": False,
                "EXP-KRB5-DES-CBC-MD5": False,
                "EXP-KRB5-DES-CBC-SHA": False,
                "EXP-KRB5-RC2-CBC-MD5": False,
                "EXP-KRB5-RC2-CBC-SHA": False,
                "EXP-KRB5-RC4-MD5": False,
                "EXP-KRB5-RC4-SHA": False,
                "EXP-RC2-CBC-MD5": False,
                "EXP-RC4-MD5": False,
                "IDEA-CBC-SHA": False,
                "KRB5-DES-CBC3-MD5": False,
                "KRB5-DES-CBC3-SHA": False,
                "KRB5-DES-CBC-MD5": False,
                "KRB5-DES-CBC-SHA": False,
                "KRB5-RC4-MD5": False,
                "KRB5-RC4-SHA": False,
                "PSK-3DES-EDE-CBC-SHA": False,
                "PSK-AES128-CBC-SHA": False,
                "PSK-AES256-CBC-SHA": False,
                "PSK-RC4-SHA": False,
                "RC2-CBC-MD5": False,
                "RC4-MD5": False,
                "RC4-SHA": False,
                "SEED-SHA": False,
                "Protocol-SSLv2": False,
                "Protocol-SSLv3": True,
                "Protocol-TLSv1": True,
                "Protocol-TLSv1.1": True,
                "Protocol-TLSv1.2": True,
                "Server-Defined-Cipher-Order": True
                }
 
# reuse the Old policy minus SSLv3 and 3DES
policy['intermediate']['name'] = 'Mozilla-OpSec-TLS-Intermediate-v-3-3'
policy['intermediate']['ciphersuite'] = policy['old']['ciphersuite'].copy()
policy['intermediate']['ciphersuite'].update(
    {"Protocol-SSLv3": False})
 
# reuse the intermediate policy minus TLSv1 and non PFS ciphers
policy['modern']['name'] = 'Mozilla-OpSec-TLS-Modern-v-3-3'
policy['modern']['ciphersuite'] = policy['intermediate']['ciphersuite'].copy()
policy['modern']['ciphersuite'].update(
    {"Protocol-TLSv1": False,
    "AES128-GCM-SHA256": False,
    "AES256-GCM-SHA384": False,
    "DHE-DSS-AES128-SHA": False,
    "AES128-SHA256": False,
    "AES128-SHA": False,
    "DHE-DSS-AES256-SHA256": False,
    "AES256-SHA256": False,
    "AES256-SHA": False,
    "CAMELLIA128-SHA": False,
    "CAMELLIA256-SHA": False,
    "DES-CBC3-SHA": False})
 
if not conf_mode in policy.keys():
    print "Invalid policy name, must be one of %s" % policy.keys()
    sys.exit(1)
 
# Create the Ciphersuite Policy
params = {'LoadBalancerName': load_balancer_name,
          'PolicyName': policy[conf_mode]['name'],
          'PolicyTypeName': 'SSLNegotiationPolicyType'}
conn_elb.build_complex_list_params(
    params,
    [(x, policy[conf_mode]['ciphersuite'][x]) for x in policy[conf_mode]['ciphersuite'].keys()],
    'PolicyAttributes.member',
    ('AttributeName', 'AttributeValue'))
policy_result = conn_elb.get_list('CreateLoadBalancerPolicy', params, None, verb='POST')
 
# Apply the Ciphersuite Policy to your ELB
params = {'LoadBalancerName': load_balancer_name,
          'LoadBalancerPort': 443,
          'PolicyNames.member.1': policy[conf_mode]['name']}
 
result = conn_elb.get_list('SetLoadBalancerPoliciesOfListener', params, None)
print "New Policy '%s' created and applied to load balancer %s in %s" % (
    policy[conf_mode]['name'],
    load_balancer_name,
    region)
</source>
 
= Appendices =
== Supported ciphers on various systems ==
 
On a variety of ~900 systems (RHEL5 & 6, CentOS 5 & 6 and Ubuntu), the following versions of OpenSSL were found:
{| class="wikitable"
|-
| 37 || OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
|-
| 35 || OpenSSL 0.9.8k 25 Mar 2009
|-
| 777 || OpenSSL 1.0.0-fips 29 Mar 2010
|-
| 18 || OpenSSL 1.0.1 14 Mar 2012
|}
 
The recommended ciphersuite was tested on each system. The list below shows the ciphersuites supported by all tested systems. However old your setup may be, it is safe to assume that the following ciphers are going to be available:
* RC4-SHA
* DHE-RSA-AES128-SHA
* DHE-RSA-AES256-SHA
* AES128-SHA
* AES256-SHA
* DHE-DSS-AES128-SHA
* DHE-DSS-AES256-SHA
 
== Attacks on SSL and TLS ==
=== BEAST (CVE-2011-3389) ===


Beast is a vulnerability in the Initialization Vector (IV) of the CBC mode of AES, Camellia and a few other ciphers that use CBC mode. The attack allows a  MITM attacker to recover plaintext values by encrypting the same message multiple times.
Beast is a vulnerability in the Initialization Vector (IV) of the CBC mode of AES, Camellia and a few other ciphers that use CBC mode. The attack allows a  MITM attacker to recover plaintext values by encrypting the same message multiple times.
Line 1,015: Line 435:
more: https://blog.torproject.org/blog/tor-and-beast-ssl-attack
more: https://blog.torproject.org/blog/tor-and-beast-ssl-attack


=== LUCKY13 ===
== LUCKY13 ==


Lucky13 is another attack on CBC mode that listen for padding checks to decrypt ciphertext.
Lucky13 is another attack on CBC mode that listen for padding checks to decrypt ciphertext.
Line 1,021: Line 441:
more: https://www.imperialviolet.org/2013/02/04/luckythirteen.html
more: https://www.imperialviolet.org/2013/02/04/luckythirteen.html


=== RC4 weaknesses ===
== RC4 weaknesses ==


As of February 2015, the IETF explicitely prohibits the use of RC4: [http://www.ietf.org/rfc/rfc7465.txt RFC 7465].
As of February 2015, the IETF explicitely prohibits the use of RC4: [http://www.ietf.org/rfc/rfc7465.txt RFC 7465].
Line 1,031: Line 451:
While 3DES provides more resistant cryptography, it is also 30 times slower and more cpu intensive than RC4. For large web infrastructure, the CPU cost of replacing RC4 with 3DES is non-zero. For this reason, we recommend that administrators evaluate their traffic patterns, and make the decision of replacing RC4 with 3DES on a per-case basis. At Mozilla, we evaluated that the impact on CPU usage is minor, and thus decided to replace RC4 with 3DES where backward compatibility is required.
While 3DES provides more resistant cryptography, it is also 30 times slower and more cpu intensive than RC4. For large web infrastructure, the CPU cost of replacing RC4 with 3DES is non-zero. For this reason, we recommend that administrators evaluate their traffic patterns, and make the decision of replacing RC4 with 3DES on a per-case basis. At Mozilla, we evaluated that the impact on CPU usage is minor, and thus decided to replace RC4 with 3DES where backward compatibility is required.


=== CRIME (CVE-2012-4929) ===


The root cause of the problem is information leakage that occurs when data is compressed prior to encryption. If someone can repeatedly inject and mix arbitrary content with some sensitive and relatively predictable data, and observe the resulting encrypted stream, then he will be able to extract the unknown data from it.
The root cause of the problem is information leakage that occurs when data is compressed prior to encryption. If someone can repeatedly inject and mix arbitrary content with some sensitive and relatively predictable data, and observe the resulting encrypted stream, then he will be able to extract the unknown data from it.
Line 1,037: Line 456:
more: https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
more: https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls


=== BREACH ===
== BREACH ==


This is a more complex attack than CRIME, which does not require TLS-level compression (it still needs HTTP-level compression).
This is a more complex attack than CRIME, which does not require TLS-level compression (it still needs HTTP-level compression).
Line 1,049: Line 468:
more: http://breachattack.com/
more: http://breachattack.com/


=== POODLE ([http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 CVE-2014-3566]) ===
== POODLE ([http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 CVE-2014-3566]) ==


POODLE is an attack on the padding used by SSLv3. It is a significant improvement of the BEAST attack which led the cryptography community to recommend disabling SSLv3 globally.
POODLE is an attack on the padding used by SSLv3. It is a significant improvement of the BEAST attack which led the cryptography community to recommend disabling SSLv3 globally.
Line 1,064: Line 483:
Our guidelines maintain support for SSLv3 in the Old configuration only. This is required for clients on Windows XP service pack 1 & 2 that do not have support for TLSv1.0. Internet Explorer and Chrome on those platforms are impacted. Mozilla wants to be reachable from very old clients, to allow them to download a better browser. Therefore, we maintain SSLv3 compatibility on a limited number of sites. But all sites that do not need that level of compatibility are encouraged to implement the Intermediate configuration
Our guidelines maintain support for SSLv3 in the Old configuration only. This is required for clients on Windows XP service pack 1 & 2 that do not have support for TLSv1.0. Internet Explorer and Chrome on those platforms are impacted. Mozilla wants to be reachable from very old clients, to allow them to download a better browser. Therefore, we maintain SSLv3 compatibility on a limited number of sites. But all sites that do not need that level of compatibility are encouraged to implement the Intermediate configuration


=== Logjam attack on weak Diffie-Hellman ===
== Logjam attack on weak Diffie-Hellman ==


The Logjam attack describes methods of attacking TLS servers supporting DHE export ciphers, and with weak (<= 1024 bit) Diffie Hellman groups. Modern TLS must use DH parameters of 2048 bits and above, or only use ECDHE. The modern configuration in this guide provide configurations that are not impacted by this issue. The intermediate and old configurations are impacted, and administrators are encourage to use DH parameters of 2048 bits wherever possible.
The Logjam attack describes methods of attacking TLS servers supporting DHE export ciphers, and with weak (<= 1024 bit) Diffie Hellman groups. Modern TLS must use DH parameters of 2048 bits and above, or only use ECDHE. The modern configuration in this guide provide configurations that are not impacted by this issue. The intermediate and old configurations are impacted, and administrators are encourage to use DH parameters of 2048 bits wherever possible.
Line 1,115: Line 534:
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #9EDB58; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES256-GCM-SHA384
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES256-GCM-SHA384
|-
|-
Line 1,122: Line 541:
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #9EDB58; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES256-GCM-SHA384
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES256-GCM-SHA384
|-
|-
Line 1,133: Line 552:
|-
|-
! scope=row | 0x00,0xA2
! scope=row | 0x00,0xA2
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 6
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 6
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_AES_128_GCM_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_128_GCM_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | DHE-DSS-AES128-GCM-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xA3
! scope=row | 0x00,0xA3
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 7
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 7
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | DHE-DSS-AES256-GCM-SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0x9F
! scope=row | 0x00,0x9F
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 8
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 8
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_AES_256_GCM_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | DHE-RSA-AES256-GCM-SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-RSA-AES256-GCM-SHA384
|-
|-
! scope=row | 0xC0,0x27
! scope=row | 0xC0,0x27
Line 1,168: Line 587:
|-
|-
! scope=row | 0xC0,0x13
! scope=row | 0xC0,0x13
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 11
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 11
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_AES_128_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES128-SHA
| style="background-color: #DBC158; font-weight: bold;" | ECDHE-RSA-AES128-SHA
|-
|-
! scope=row | 0xC0,0x09
! scope=row | 0xC0,0x09
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 12
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 12
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_128_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES128-SHA
| style="background-color: #DBC158; font-weight: bold;" | ECDHE-ECDSA-AES128-SHA
|-
|-
! scope=row | 0xC0,0x28
! scope=row | 0xC0,0x28
Line 1,185: Line 604:
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #9EDB58; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES256-SHA384
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES256-SHA384
|-
|-
Line 1,192: Line 611:
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
| style="background-color: #9EDB58; font-weight: bold;" |  
| style="background-color: #9EDB58; font-weight: bold;" |
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES256-SHA384
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES256-SHA384
|-
|-
! scope=row | 0xC0,0x14
! scope=row | 0xC0,0x14
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 15
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 15
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_AES_256_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-RSA-AES256-SHA
| style="background-color: #DBC158; font-weight: bold;" | ECDHE-RSA-AES256-SHA
|-
|-
! scope=row | 0xC0,0x0A
! scope=row | 0xC0,0x0A
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 16
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 16
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_AES_256_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | ECDHE-ECDSA-AES256-SHA
| style="background-color: #DBC158; font-weight: bold;" | ECDHE-ECDSA-AES256-SHA
|-
|-
! scope=row | 0x00,0x67
! scope=row | 0x00,0x67
Line 1,217: Line 636:
|-
|-
! scope=row | 0x00,0x33
! scope=row | 0x00,0x33
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 18
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 18
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_AES_128_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | DHE-RSA-AES128-SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-RSA-AES128-SHA
|-
|-
! scope=row | 0x00,0x40
! scope=row | 0x00,0x40
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 19
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 19
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_AES_128_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_128_CBC_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #9EDB58; font-weight: bold;" | DHE-DSS-AES128-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES128-SHA256
|-
|-
! scope=row | 0x00,0x6B
! scope=row | 0x00,0x6B
Line 1,238: Line 657:
|-
|-
! scope=row | 0x00,0x38
! scope=row | 0x00,0x38
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 21
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 21
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_AES_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_256_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | DHE-DSS-AES256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES256-SHA
|-
|-
! scope=row | 0x00,0x39
! scope=row | 0x00,0x39
| style="background-color: #9EDB58; font-weight: bold; text-align: center;" | 22
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 22
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_AES_256_CBC_SHA1
| style="background-color: #9EDB58; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #9EDB58; font-weight: bold;" | DHE-RSA-AES256-SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-RSA-AES256-SHA
|-
|-
! scope=row | 0xC0,0x12
! scope=row | 0xC0,0x12
Line 1,276: Line 695:
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #DBC158; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | AES256-GCM-SHA384
| style="background-color: #DBC158; font-weight: bold;" | AES256-GCM-SHA384
|-
|-
Line 1,308: Line 727:
|-
|-
! scope=row | 0xC0,0x22
! scope=row | 0xC0,0x22
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 31
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 31
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_DSS_AES_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-DSS-AES-256-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-DSS-AES-256-CBC-SHA
|-
|-
! scope=row | 0xC0,0x21
! scope=row | 0xC0,0x21
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 32
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 32
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_RSA_AES_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-RSA-AES-256-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-RSA-AES-256-CBC-SHA
|-
|-
! scope=row | 0xC0,0x20
! scope=row | 0xC0,0x20
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 33
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 33
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_AES_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_AES_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-AES-256-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-AES-256-CBC-SHA
|-
|-
! scope=row | 0x00,0xA5
! scope=row | 0x00,0xA5
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 34
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 34
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES256-GCM-SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0xA1
! scope=row | 0x00,0xA1
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 35
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 35
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES256-GCM-SHA384
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0x6A
! scope=row | 0x00,0x6A
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 36
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 36
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_AES_256_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_256_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" | DHE-DSS-AES256-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES256-SHA256
|-
|-
! scope=row | 0x00,0x69
! scope=row | 0x00,0x69
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 37
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 37
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES256-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES256-SHA256
|-
|-
! scope=row | 0x00,0x68
! scope=row | 0x00,0x68
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 38
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 38
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES256-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES256-SHA256
|-
|-
! scope=row | 0x00,0x37
! scope=row | 0x00,0x37
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 39
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 39
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES256-SHA
|-
|-
! scope=row | 0x00,0x36
! scope=row | 0x00,0x36
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 40
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 40
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES256-SHA
|-
|-
! scope=row | 0xC0,0x1F
! scope=row | 0xC0,0x1F
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 41
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 41
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_DSS_AES_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-DSS-AES-128-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-DSS-AES-128-CBC-SHA
|-
|-
! scope=row | 0xC0,0x1E
! scope=row | 0xC0,0x1E
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 42
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 42
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_RSA_AES_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-RSA-AES-128-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-RSA-AES-128-CBC-SHA
|-
|-
! scope=row | 0xC0,0x1D
! scope=row | 0xC0,0x1D
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 43
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 43
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_SRP_SHA_AES_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | SRP-AES-128-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-AES-128-CBC-SHA
|-
|-
! scope=row | 0x00,0xA4
! scope=row | 0x00,0xA4
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 44
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 44
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_GCM_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES128-GCM-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xA0
! scope=row | 0x00,0xA0
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 45
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 45
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES128-GCM-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0x3F
! scope=row | 0x00,0x3F
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 46
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 46
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES128-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES128-SHA256
|-
|-
! scope=row | 0x00,0x3E
! scope=row | 0x00,0x3E
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 47
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 47
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA256
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES128-SHA256
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES128-SHA256
|-
|-
! scope=row | 0x00,0x32
! scope=row | 0x00,0x32
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 48
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 48
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_AES_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_AES_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-DSS-AES128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-AES128-SHA
|-
|-
! scope=row | 0x00,0x31
! scope=row | 0x00,0x31
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 49
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 49
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-AES128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-AES128-SHA
|-
|-
! scope=row | 0x00,0x30
! scope=row | 0x00,0x30
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 50
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 50
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_AES_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-AES128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-AES128-SHA
|-
|-
! scope=row | 0x00,0x0A
! scope=row | 0x00,0x0A
Line 1,452: Line 871:
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_3DES_EDE_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_3DES_EDE_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #DBC158; font-weight: bold;" |
|-
|-
! scope=row | 0x00,0x88
! scope=row | 0x00,0x88
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 52
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 52
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-RSA-CAMELLIA256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-RSA-CAMELLIA256-SHA
|-
|-
! scope=row | 0x00,0x87
! scope=row | 0x00,0x87
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 53
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 53
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-DSS-CAMELLIA256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-CAMELLIA256-SHA
|-
|-
! scope=row | 0x00,0x86
! scope=row | 0x00,0x86
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 54
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 54
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-CAMELLIA256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-CAMELLIA256-SHA
|-
|-
! scope=row | 0x00,0x85
! scope=row | 0x00,0x85
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 55
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 55
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-CAMELLIA256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-CAMELLIA256-SHA
|-
|-
! scope=row | 0x00,0x84
! scope=row | 0x00,0x84
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 56
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 56
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_CAMELLIA_256_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_CAMELLIA_256_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | CAMELLIA256-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | CAMELLIA256-SHA
|-
|-
! scope=row | 0x00,0x45
! scope=row | 0x00,0x45
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 57
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 57
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-RSA-CAMELLIA128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-RSA-CAMELLIA128-SHA
|-
|-
! scope=row | 0x00,0x44
! scope=row | 0x00,0x44
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 58
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 58
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DHE-DSS-CAMELLIA128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DHE-DSS-CAMELLIA128-SHA
|-
|-
! scope=row | 0x00,0x43
! scope=row | 0x00,0x43
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 59
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 59
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-RSA-CAMELLIA128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-RSA-CAMELLIA128-SHA
|-
|-
! scope=row | 0x00,0x42
! scope=row | 0x00,0x42
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 60
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 60
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #DBC158; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | DH-DSS-CAMELLIA128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | DH-DSS-CAMELLIA128-SHA
|-
|-
! scope=row | 0x00,0x41
! scope=row | 0x00,0x41
| style="background-color: #DBC158; font-weight: bold; text-align: center;" | 61
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 61
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_CAMELLIA_128_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_CAMELLIA_128_CBC_SHA1
| style="background-color: #DBC158; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: #DBC158; font-weight: bold;" | CAMELLIA128-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | CAMELLIA128-SHA
|-
|-
! scope=row | 0xC0,0x1C
! scope=row | 0xC0,0x1C
Line 1,528: Line 947:
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-DSS-3DES-EDE-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-DSS-3DES-EDE-CBC-SHA
|-
|-
Line 1,535: Line 954:
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-RSA-3DES-EDE-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-RSA-3DES-EDE-CBC-SHA
|-
|-
Line 1,542: Line 961:
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_SRP_SHA_3DES_EDE_CBC_SHA1
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-3DES-EDE-CBC-SHA
| style="background-color: #CCCCCC; font-weight: bold;" | SRP-3DES-EDE-CBC-SHA
|-
|-
Line 1,548: Line 967:
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 65
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 65
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
|-
|-
! scope=row | 0x00,0x0D
! scope=row | 0x00,0x0D
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 66
| style="background-color: #CCCCCC; font-weight: bold; text-align: center;" | 66
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: #CCCCCC; font-weight: bold;" |  
| style="background-color: #CCCCCC; font-weight: bold;" |
|-
|-
! scope=row | 0x00,0x00
! scope=row | 0x00,0x00
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_NULL_WITH_NULL_NULL
| style="background-color: white;" | TLS_NULL_WITH_NULL_NULL
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_NULL_WITH_NULL_NULL
| style="background-color: white;" | TLS_NULL_WITH_NULL_NULL
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x01
! scope=row | 0x00,0x01
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_NULL_MD5
| style="background-color: white;" | TLS_RSA_WITH_NULL_MD5
| style="background-color: white;" | TLS_RSA_NULL_MD5
| style="background-color: white;" | TLS_RSA_NULL_MD5
| style="background-color: white;" | TLS_RSA_WITH_NULL_MD5
| style="background-color: white;" | TLS_RSA_WITH_NULL_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x02
! scope=row | 0x00,0x02
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_RSA_NULL_SHA1
| style="background-color: white;" | TLS_RSA_NULL_SHA1
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x03
! scope=row | 0x00,0x03
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x04
! scope=row | 0x00,0x04
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_RSA_ARCFOUR_128_MD5
| style="background-color: white;" | TLS_RSA_ARCFOUR_128_MD5
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x05
! scope=row | 0x00,0x05
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_RSA_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_RSA_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_RSA_WITH_RC4_128_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x06
! scope=row | 0x00,0x06
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x07
! scope=row | 0x00,0x07
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_IDEA_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_IDEA_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_WITH_IDEA_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_IDEA_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x08
! scope=row | 0x00,0x08
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x09
! scope=row | 0x00,0x09
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x0B
! scope=row | 0x00,0x0B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x0C
! scope=row | 0x00,0x0C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x0E
! scope=row | 0x00,0x0E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x0F
! scope=row | 0x00,0x0F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x11
! scope=row | 0x00,0x11
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x12
! scope=row | 0x00,0x12
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x13
! scope=row | 0x00,0x13
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DHE_DSS_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x14
! scope=row | 0x00,0x14
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x15
! scope=row | 0x00,0x15
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x16
! scope=row | 0x00,0x16
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DHE_RSA_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x17
! scope=row | 0x00,0x17
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x18
! scope=row | 0x00,0x18
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_DH_anon_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_DH_ANON_ARCFOUR_128_MD5
| style="background-color: white;" | TLS_DH_ANON_ARCFOUR_128_MD5
| style="background-color: white;" | TLS_DH_anon_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_DH_anon_WITH_RC4_128_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x19
! scope=row | 0x00,0x19
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x1A
! scope=row | 0x00,0x1A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_DH_anon_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x1B
! scope=row | 0x00,0x1B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DH_ANON_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DH_ANON_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x1E
! scope=row | 0x00,0x1E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_DES_CBC_SHA
| style="background-color: white;" | TLS_KRB5_WITH_DES_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x1F
! scope=row | 0x00,0x1F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_KRB5_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x20
! scope=row | 0x00,0x20
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_KRB5_WITH_RC4_128_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x21
! scope=row | 0x00,0x21
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_IDEA_CBC_SHA
| style="background-color: white;" | TLS_KRB5_WITH_IDEA_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x22
! scope=row | 0x00,0x22
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_DES_CBC_MD5
| style="background-color: white;" | TLS_KRB5_WITH_DES_CBC_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x23
! scope=row | 0x00,0x23
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_3DES_EDE_CBC_MD5
| style="background-color: white;" | TLS_KRB5_WITH_3DES_EDE_CBC_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x24
! scope=row | 0x00,0x24
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_RC4_128_MD5
| style="background-color: white;" | TLS_KRB5_WITH_RC4_128_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x25
! scope=row | 0x00,0x25
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_WITH_IDEA_CBC_MD5
| style="background-color: white;" | TLS_KRB5_WITH_IDEA_CBC_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x26
! scope=row | 0x00,0x26
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x27
! scope=row | 0x00,0x27
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x28
! scope=row | 0x00,0x28
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC4_40_SHA
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC4_40_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x29
! scope=row | 0x00,0x29
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x2A
! scope=row | 0x00,0x2A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x2B
! scope=row | 0x00,0x2B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" | TLS_KRB5_EXPORT_WITH_RC4_40_MD5
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x00,0x2C
! scope=row | 0x00,0x2C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_PSK_NULL_SHA1
| style="background-color: white;" | TLS_PSK_NULL_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-NULL-SHA
| style="background-color: white;" | PSK-NULL-SHA
|-
|-
! scope=row | 0x00,0x2D
! scope=row | 0x00,0x2D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA1
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-NULL-SHA
| style="background-color: white;" | DHE-PSK-NULL-SHA
|-
|-
! scope=row | 0x00,0x2E
! scope=row | 0x00,0x2E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA1
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-NULL-SHA
| style="background-color: white;" | RSA-PSK-NULL-SHA
|-
|-
! scope=row | 0x00,0x34
! scope=row | 0x00,0x34
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_DH_ANON_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_DH_ANON_AES_128_CBC_SHA1
Line 1,861: Line 1,280:
|-
|-
! scope=row | 0x00,0x3A
! scope=row | 0x00,0x3A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_DH_ANON_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_DH_ANON_AES_256_CBC_SHA1
Line 1,868: Line 1,287:
|-
|-
! scope=row | 0x00,0x3B
! scope=row | 0x00,0x3B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA256
| style="background-color: white;" | TLS_RSA_WITH_NULL_SHA256
| style="background-color: white;" | TLS_RSA_NULL_SHA256
| style="background-color: white;" | TLS_RSA_NULL_SHA256
Line 1,875: Line 1,294:
|-
|-
! scope=row | 0x00,0x46
! scope=row | 0x00,0x46
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_CBC_SHA1
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_CBC_SHA1
Line 1,882: Line 1,301:
|-
|-
! scope=row | 0x00,0x6C
! scope=row | 0x00,0x6C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-AES128-SHA256
| style="background-color: white;" | ADH-AES128-SHA256
|-
|-
! scope=row | 0x00,0x6D
! scope=row | 0x00,0x6D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-AES256-SHA256
| style="background-color: white;" | ADH-AES256-SHA256
|-
|-
! scope=row | 0x00,0x89
! scope=row | 0x00,0x89
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_CBC_SHA1
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_CBC_SHA1
Line 1,903: Line 1,322:
|-
|-
! scope=row | 0x00,0x8A
! scope=row | 0x00,0x8A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-RC4-SHA
| style="background-color: white;" | PSK-RC4-SHA
|-
|-
! scope=row | 0x00,0x8B
! scope=row | 0x00,0x8B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-3DES-EDE-CBC-SHA
| style="background-color: white;" | PSK-3DES-EDE-CBC-SHA
|-
|-
! scope=row | 0x00,0x8C
! scope=row | 0x00,0x8C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_PSK_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_PSK_AES_128_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES128-CBC-SHA
| style="background-color: white;" | PSK-AES128-CBC-SHA
|-
|-
! scope=row | 0x00,0x8D
! scope=row | 0x00,0x8D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_PSK_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_PSK_AES_256_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES256-CBC-SHA
| style="background-color: white;" | PSK-AES256-CBC-SHA
|-
|-
! scope=row | 0x00,0x8E
! scope=row | 0x00,0x8E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_DHE_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_DHE_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_DHE_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-RC4-SHA
| style="background-color: white;" | DHE-PSK-RC4-SHA
|-
|-
! scope=row | 0x00,0x8F
! scope=row | 0x00,0x8F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_DHE_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-3DES-EDE-CBC-SHA
| style="background-color: white;" | DHE-PSK-3DES-EDE-CBC-SHA
|-
|-
! scope=row | 0x00,0x90
! scope=row | 0x00,0x90
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES128-CBC-SHA
| style="background-color: white;" | DHE-PSK-AES128-CBC-SHA
|-
|-
! scope=row | 0x00,0x91
! scope=row | 0x00,0x91
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES256-CBC-SHA
| style="background-color: white;" | DHE-PSK-AES256-CBC-SHA
|-
|-
! scope=row | 0x00,0x92
! scope=row | 0x00,0x92
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_RSA_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_RSA_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_RSA_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-RC4-SHA
| style="background-color: white;" | RSA-PSK-RC4-SHA
|-
|-
! scope=row | 0x00,0x93
! scope=row | 0x00,0x93
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_RSA_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-3DES-EDE-CBC-SHA
| style="background-color: white;" | RSA-PSK-3DES-EDE-CBC-SHA
|-
|-
! scope=row | 0x00,0x94
! scope=row | 0x00,0x94
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_RSA_PSK_AES_128_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES128-CBC-SHA
| style="background-color: white;" | RSA-PSK-AES128-CBC-SHA
|-
|-
! scope=row | 0x00,0x95
! scope=row | 0x00,0x95
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_RSA_PSK_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_RSA_PSK_AES_256_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES256-CBC-SHA
| style="background-color: white;" | RSA-PSK-AES256-CBC-SHA
|-
|-
! scope=row | 0x00,0x96
! scope=row | 0x00,0x96
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" | SEED-SHA
| style="background-color: white;" | SEED-SHA
|-
|-
! scope=row | 0x00,0x97
! scope=row | 0x00,0x97
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_DH_DSS_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-DSS-SEED-SHA
| style="background-color: white;" | DH-DSS-SEED-SHA
|-
|-
! scope=row | 0x00,0x98
! scope=row | 0x00,0x98
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_DH_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-RSA-SEED-SHA
| style="background-color: white;" | DH-RSA-SEED-SHA
|-
|-
! scope=row | 0x00,0x99
! scope=row | 0x00,0x99
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_DHE_DSS_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-DSS-SEED-SHA
| style="background-color: white;" | DHE-DSS-SEED-SHA
|-
|-
! scope=row | 0x00,0x9A
! scope=row | 0x00,0x9A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_DHE_RSA_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-SEED-SHA
| style="background-color: white;" | DHE-RSA-SEED-SHA
|-
|-
! scope=row | 0x00,0x9B
! scope=row | 0x00,0x9B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_SEED_CBC_SHA
| style="background-color: white;" | TLS_DH_anon_WITH_SEED_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-SEED-SHA
| style="background-color: white;" | ADH-SEED-SHA
|-
|-
! scope=row | 0x00,0xA6
! scope=row | 0x00,0xA6
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_ANON_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-AES128-GCM-SHA256
| style="background-color: white;" | ADH-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xA7
! scope=row | 0x00,0xA7
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_anon_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_ANON_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_ANON_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-AES256-GCM-SHA384
| style="background-color: white;" | ADH-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0xA8
! scope=row | 0x00,0xA8
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES128-GCM-SHA256
| style="background-color: white;" | PSK-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xA9
! scope=row | 0x00,0xA9
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES256-GCM-SHA384
| style="background-color: white;" | PSK-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0xAA
! scope=row | 0x00,0xAA
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES128-GCM-SHA256
| style="background-color: white;" | DHE-PSK-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xAB
! scope=row | 0x00,0xAB
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES256-GCM-SHA384
| style="background-color: white;" | DHE-PSK-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0xAC
! scope=row | 0x00,0xAC
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES128-GCM-SHA256
| style="background-color: white;" | RSA-PSK-AES128-GCM-SHA256
|-
|-
! scope=row | 0x00,0xAD
! scope=row | 0x00,0xAD
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES256-GCM-SHA384
| style="background-color: white;" | RSA-PSK-AES256-GCM-SHA384
|-
|-
! scope=row | 0x00,0xAE
! scope=row | 0x00,0xAE
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES128-CBC-SHA256
| style="background-color: white;" | PSK-AES128-CBC-SHA256
|-
|-
! scope=row | 0x00,0xAF
! scope=row | 0x00,0xAF
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES256-CBC-SHA384
| style="background-color: white;" | PSK-AES256-CBC-SHA384
|-
|-
! scope=row | 0x00,0xB0
! scope=row | 0x00,0xB0
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_PSK_NULL_SHA256
| style="background-color: white;" | TLS_PSK_NULL_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-NULL-SHA256
| style="background-color: white;" | PSK-NULL-SHA256
|-
|-
! scope=row | 0x00,0xB1
! scope=row | 0x00,0xB1
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_PSK_NULL_SHA384
| style="background-color: white;" | TLS_PSK_NULL_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-NULL-SHA384
| style="background-color: white;" | PSK-NULL-SHA384
|-
|-
! scope=row | 0x00,0xB2
! scope=row | 0x00,0xB2
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES128-CBC-SHA256
| style="background-color: white;" | DHE-PSK-AES128-CBC-SHA256
|-
|-
! scope=row | 0x00,0xB3
! scope=row | 0x00,0xB3
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES256-CBC-SHA384
| style="background-color: white;" | DHE-PSK-AES256-CBC-SHA384
|-
|-
! scope=row | 0x00,0xB4
! scope=row | 0x00,0xB4
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA256
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-NULL-SHA256
| style="background-color: white;" | DHE-PSK-NULL-SHA256
|-
|-
! scope=row | 0x00,0xB5
! scope=row | 0x00,0xB5
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA384
| style="background-color: white;" | TLS_DHE_PSK_NULL_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-NULL-SHA384
| style="background-color: white;" | DHE-PSK-NULL-SHA384
|-
|-
! scope=row | 0x00,0xB6
! scope=row | 0x00,0xB6
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES128-CBC-SHA256
| style="background-color: white;" | RSA-PSK-AES128-CBC-SHA256
|-
|-
! scope=row | 0x00,0xB7
! scope=row | 0x00,0xB7
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-AES256-CBC-SHA384
| style="background-color: white;" | RSA-PSK-AES256-CBC-SHA384
|-
|-
! scope=row | 0x00,0xB8
! scope=row | 0x00,0xB8
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA256
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-NULL-SHA256
| style="background-color: white;" | RSA-PSK-NULL-SHA256
|-
|-
! scope=row | 0x00,0xB9
! scope=row | 0x00,0xB9
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA384
| style="background-color: white;" | TLS_RSA_PSK_NULL_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-NULL-SHA384
| style="background-color: white;" | RSA-PSK-NULL-SHA384
|-
|-
! scope=row | 0x00,0xBA
! scope=row | 0x00,0xBA
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | CAMELLIA128-SHA256
| style="background-color: white;" | CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xBB
! scope=row | 0x00,0xBB
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-DSS-CAMELLIA128-SHA256
| style="background-color: white;" | DH-DSS-CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xBC
! scope=row | 0x00,0xBC
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-RSA-CAMELLIA128-SHA256
| style="background-color: white;" | DH-RSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xBD
! scope=row | 0x00,0xBD
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-DSS-CAMELLIA128-SHA256
| style="background-color: white;" | DHE-DSS-CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xBE
! scope=row | 0x00,0xBE
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-CAMELLIA128-SHA256
| style="background-color: white;" | DHE-RSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xBF
! scope=row | 0x00,0xBF
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-CAMELLIA128-SHA256
| style="background-color: white;" | ADH-CAMELLIA128-SHA256
|-
|-
! scope=row | 0x00,0xC0
! scope=row | 0x00,0xC0
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | CAMELLIA256-SHA256
| style="background-color: white;" | CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xC1
! scope=row | 0x00,0xC1
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-DSS-CAMELLIA256-SHA256
| style="background-color: white;" | DH-DSS-CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xC2
! scope=row | 0x00,0xC2
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DH-RSA-CAMELLIA256-SHA256
| style="background-color: white;" | DH-RSA-CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xC3
! scope=row | 0x00,0xC3
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-DSS-CAMELLIA256-SHA256
| style="background-color: white;" | DHE-DSS-CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xC4
! scope=row | 0x00,0xC4
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-CAMELLIA256-SHA256
| style="background-color: white;" | DHE-RSA-CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xC5
! scope=row | 0x00,0xC5
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ADH-CAMELLIA256-SHA256
| style="background-color: white;" | ADH-CAMELLIA256-SHA256
|-
|-
! scope=row | 0x00,0xFF
! scope=row | 0x00,0xFF
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
| style="background-color: white;" | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
| style="background-color: white;" | TLS_EMPTY_RENEGOTIATION_INFO_SCSV
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0x56,0x00
! scope=row | 0x56,0x00
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_FALLBACK_SCSV
| style="background-color: white;" | TLS_FALLBACK_SCSV
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_FALLBACK_SCSV
| style="background-color: white;" | TLS_FALLBACK_SCSV
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x01
! scope=row | 0xC0,0x01
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_NULL_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_NULL_SHA
| style="background-color: white;" | ECDH-ECDSA-NULL-SHA
| style="background-color: white;" | ECDH-ECDSA-NULL-SHA
|-
|-
! scope=row | 0xC0,0x02
! scope=row | 0xC0,0x02
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" | ECDH-ECDSA-RC4-SHA
| style="background-color: white;" | ECDH-ECDSA-RC4-SHA
|-
|-
! scope=row | 0xC0,0x03
! scope=row | 0xC0,0x03
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | ECDH-ECDSA-DES-CBC3-SHA
| style="background-color: white;" | ECDH-ECDSA-DES-CBC3-SHA
|-
|-
! scope=row | 0xC0,0x04
! scope=row | 0xC0,0x04
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | ECDH-ECDSA-AES128-SHA
| style="background-color: white;" | ECDH-ECDSA-AES128-SHA
|-
|-
! scope=row | 0xC0,0x05
! scope=row | 0xC0,0x05
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | ECDH-ECDSA-AES256-SHA
| style="background-color: white;" | ECDH-ECDSA-AES256-SHA
|-
|-
! scope=row | 0xC0,0x06
! scope=row | 0xC0,0x06
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_ECDSA_NULL_SHA1
| style="background-color: white;" | TLS_ECDHE_ECDSA_NULL_SHA1
Line 2,309: Line 1,728:
|-
|-
! scope=row | 0xC0,0x07
! scope=row | 0xC0,0x07
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_ECDSA_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_ECDHE_ECDSA_ARCFOUR_128_SHA1
Line 2,316: Line 1,735:
|-
|-
! scope=row | 0xC0,0x0B
! scope=row | 0xC0,0x0B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_NULL_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_NULL_SHA
| style="background-color: white;" | ECDH-RSA-NULL-SHA
| style="background-color: white;" | ECDH-RSA-NULL-SHA
|-
|-
! scope=row | 0xC0,0x0C
! scope=row | 0xC0,0x0C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_RC4_128_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | ECDH-RSA-RC4-SHA
| style="background-color: white;" | ECDH-RSA-RC4-SHA
|-
|-
! scope=row | 0xC0,0x0D
! scope=row | 0xC0,0x0D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | ECDH-RSA-DES-CBC3-SHA
| style="background-color: white;" | ECDH-RSA-DES-CBC3-SHA
|-
|-
! scope=row | 0xC0,0x0E
! scope=row | 0xC0,0x0E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
| style="background-color: white;" | ECDH-RSA-AES128-SHA
| style="background-color: white;" | ECDH-RSA-AES128-SHA
|-
|-
! scope=row | 0xC0,0x0F
! scope=row | 0xC0,0x0F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
| style="background-color: white;" | ECDH-RSA-AES256-SHA
| style="background-color: white;" | ECDH-RSA-AES256-SHA
|-
|-
! scope=row | 0xC0,0x10
! scope=row | 0xC0,0x10
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_RSA_NULL_SHA1
| style="background-color: white;" | TLS_ECDHE_RSA_NULL_SHA1
Line 2,358: Line 1,777:
|-
|-
! scope=row | 0xC0,0x11
! scope=row | 0xC0,0x11
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_RSA_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_ECDHE_RSA_ARCFOUR_128_SHA1
Line 2,365: Line 1,784:
|-
|-
! scope=row | 0xC0,0x15
! scope=row | 0xC0,0x15
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_anon_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_anon_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDH_ANON_NULL_SHA1
| style="background-color: white;" | TLS_ECDH_ANON_NULL_SHA1
Line 2,372: Line 1,791:
|-
|-
! scope=row | 0xC0,0x16
! scope=row | 0xC0,0x16
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_anon_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_anon_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDH_ANON_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_ECDH_ANON_ARCFOUR_128_SHA1
Line 2,379: Line 1,798:
|-
|-
! scope=row | 0xC0,0x17
! scope=row | 0xC0,0x17
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ANON_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_ECDH_ANON_3DES_EDE_CBC_SHA1
Line 2,386: Line 1,805:
|-
|-
! scope=row | 0xC0,0x18
! scope=row | 0xC0,0x18
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_anon_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_anon_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ANON_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_ECDH_ANON_AES_128_CBC_SHA1
Line 2,393: Line 1,812:
|-
|-
! scope=row | 0xC0,0x19
! scope=row | 0xC0,0x19
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_anon_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_anon_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDH_ANON_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_ECDH_ANON_AES_256_CBC_SHA1
Line 2,400: Line 1,819:
|-
|-
! scope=row | 0xC0,0x25
! scope=row | 0xC0,0x25
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-ECDSA-AES128-SHA256
| style="background-color: white;" | ECDH-ECDSA-AES128-SHA256
|-
|-
! scope=row | 0xC0,0x26
! scope=row | 0xC0,0x26
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-ECDSA-AES256-SHA384
| style="background-color: white;" | ECDH-ECDSA-AES256-SHA384
|-
|-
! scope=row | 0xC0,0x29
! scope=row | 0xC0,0x29
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-RSA-AES128-SHA256
| style="background-color: white;" | ECDH-RSA-AES128-SHA256
|-
|-
! scope=row | 0xC0,0x2A
! scope=row | 0xC0,0x2A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-RSA-AES256-SHA384
| style="background-color: white;" | ECDH-RSA-AES256-SHA384
|-
|-
! scope=row | 0xC0,0x2D
! scope=row | 0xC0,0x2D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | ECDH-ECDSA-AES128-GCM-SHA256
| style="background-color: white;" | ECDH-ECDSA-AES128-GCM-SHA256
|-
|-
! scope=row | 0xC0,0x2E
! scope=row | 0xC0,0x2E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-ECDSA-AES256-GCM-SHA384
| style="background-color: white;" | ECDH-ECDSA-AES256-GCM-SHA384
|-
|-
! scope=row | 0xC0,0x31
! scope=row | 0xC0,0x31
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
| style="background-color: white;" | ECDH-RSA-AES128-GCM-SHA256
| style="background-color: white;" | ECDH-RSA-AES128-GCM-SHA256
|-
|-
! scope=row | 0xC0,0x32
! scope=row | 0xC0,0x32
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-RSA-AES256-GCM-SHA384
| style="background-color: white;" | ECDH-RSA-AES256-GCM-SHA384
|-
|-
! scope=row | 0xC0,0x33
! scope=row | 0xC0,0x33
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_RC4_128_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" | TLS_ECDHE_PSK_ARCFOUR_128_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-RC4-SHA
| style="background-color: white;" | ECDHE-PSK-RC4-SHA
|-
|-
! scope=row | 0xC0,0x34
! scope=row | 0xC0,0x34
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" | TLS_ECDHE_PSK_3DES_EDE_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-3DES-EDE-CBC-SHA
| style="background-color: white;" | ECDHE-PSK-3DES-EDE-CBC-SHA
|-
|-
! scope=row | 0xC0,0x35
! scope=row | 0xC0,0x35
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_AES_128_CBC_SHA1
| style="background-color: white;" | TLS_ECDHE_PSK_AES_128_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-AES128-CBC-SHA
| style="background-color: white;" | ECDHE-PSK-AES128-CBC-SHA
|-
|-
! scope=row | 0xC0,0x36
! scope=row | 0xC0,0x36
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_AES_256_CBC_SHA1
| style="background-color: white;" | TLS_ECDHE_PSK_AES_256_CBC_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-AES256-CBC-SHA
| style="background-color: white;" | ECDHE-PSK-AES256-CBC-SHA
|-
|-
! scope=row | 0xC0,0x37
! scope=row | 0xC0,0x37
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_AES_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_AES_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-AES128-CBC-SHA256
| style="background-color: white;" | ECDHE-PSK-AES128-CBC-SHA256
|-
|-
! scope=row | 0xC0,0x38
! scope=row | 0xC0,0x38
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_AES_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_AES_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-AES256-CBC-SHA384
| style="background-color: white;" | ECDHE-PSK-AES256-CBC-SHA384
|-
|-
! scope=row | 0xC0,0x39
! scope=row | 0xC0,0x39
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA1
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA1
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-NULL-SHA
| style="background-color: white;" | ECDHE-PSK-NULL-SHA
|-
|-
! scope=row | 0xC0,0x3A
! scope=row | 0xC0,0x3A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-NULL-SHA256
| style="background-color: white;" | ECDHE-PSK-NULL-SHA256
|-
|-
! scope=row | 0xC0,0x3B
! scope=row | 0xC0,0x3B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_NULL_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_NULL_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-NULL-SHA384
| style="background-color: white;" | ECDHE-PSK-NULL-SHA384
|-
|-
! scope=row | 0xC0,0x3C
! scope=row | 0xC0,0x3C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x3D
! scope=row | 0xC0,0x3D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x3E
! scope=row | 0xC0,0x3E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x3F
! scope=row | 0xC0,0x3F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x40
! scope=row | 0xC0,0x40
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x41
! scope=row | 0xC0,0x41
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x42
! scope=row | 0xC0,0x42
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x43
! scope=row | 0xC0,0x43
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x44
! scope=row | 0xC0,0x44
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x45
! scope=row | 0xC0,0x45
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x46
! scope=row | 0xC0,0x46
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x47
! scope=row | 0xC0,0x47
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x48
! scope=row | 0xC0,0x48
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x49
! scope=row | 0xC0,0x49
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4A
! scope=row | 0xC0,0x4A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4B
! scope=row | 0xC0,0x4B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4C
! scope=row | 0xC0,0x4C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4D
! scope=row | 0xC0,0x4D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4E
! scope=row | 0xC0,0x4E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x4F
! scope=row | 0xC0,0x4F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x50
! scope=row | 0xC0,0x50
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x51
! scope=row | 0xC0,0x51
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x52
! scope=row | 0xC0,0x52
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x53
! scope=row | 0xC0,0x53
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x54
! scope=row | 0xC0,0x54
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x55
! scope=row | 0xC0,0x55
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x56
! scope=row | 0xC0,0x56
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x57
! scope=row | 0xC0,0x57
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x58
! scope=row | 0xC0,0x58
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x59
! scope=row | 0xC0,0x59
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5A
! scope=row | 0xC0,0x5A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5B
! scope=row | 0xC0,0x5B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_anon_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5C
! scope=row | 0xC0,0x5C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5D
! scope=row | 0xC0,0x5D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5E
! scope=row | 0xC0,0x5E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x5F
! scope=row | 0xC0,0x5F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x60
! scope=row | 0xC0,0x60
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x61
! scope=row | 0xC0,0x61
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x62
! scope=row | 0xC0,0x62
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x63
! scope=row | 0xC0,0x63
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x64
! scope=row | 0xC0,0x64
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x65
! scope=row | 0xC0,0x65
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x66
! scope=row | 0xC0,0x66
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x67
! scope=row | 0xC0,0x67
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x68
! scope=row | 0xC0,0x68
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x69
! scope=row | 0xC0,0x69
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6A
! scope=row | 0xC0,0x6A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6B
! scope=row | 0xC0,0x6B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6C
! scope=row | 0xC0,0x6C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6D
! scope=row | 0xC0,0x6D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6E
! scope=row | 0xC0,0x6E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x6F
! scope=row | 0xC0,0x6F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x70
! scope=row | 0xC0,0x70
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x71
! scope=row | 0xC0,0x71
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x72
! scope=row | 0xC0,0x72
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-CAMELLIA128-SHA256
| style="background-color: white;" | ECDHE-ECDSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x73
! scope=row | 0xC0,0x73
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-CAMELLIA256-SHA384
| style="background-color: white;" | ECDHE-ECDSA-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x74
! scope=row | 0xC0,0x74
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-ECDSA-CAMELLIA128-SHA256
| style="background-color: white;" | ECDH-ECDSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x75
! scope=row | 0xC0,0x75
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-ECDSA-CAMELLIA256-SHA384
| style="background-color: white;" | ECDH-ECDSA-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x76
! scope=row | 0xC0,0x76
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-RSA-CAMELLIA128-SHA256
| style="background-color: white;" | ECDHE-RSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x77
! scope=row | 0xC0,0x77
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-RSA-CAMELLIA256-SHA384
| style="background-color: white;" | ECDHE-RSA-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x78
! scope=row | 0xC0,0x78
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-RSA-CAMELLIA128-SHA256
| style="background-color: white;" | ECDH-RSA-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x79
! scope=row | 0xC0,0x79
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDH-RSA-CAMELLIA256-SHA384
| style="background-color: white;" | ECDH-RSA-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x7A
! scope=row | 0xC0,0x7A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x7B
! scope=row | 0xC0,0x7B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x7C
! scope=row | 0xC0,0x7C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x7D
! scope=row | 0xC0,0x7D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x7E
! scope=row | 0xC0,0x7E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x7F
! scope=row | 0xC0,0x7F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x80
! scope=row | 0xC0,0x80
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x81
! scope=row | 0xC0,0x81
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_DSS_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x82
! scope=row | 0xC0,0x82
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x83
! scope=row | 0xC0,0x83
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x84
! scope=row | 0xC0,0x84
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x85
! scope=row | 0xC0,0x85
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DH_ANON_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x86
! scope=row | 0xC0,0x86
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x87
! scope=row | 0xC0,0x87
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x88
! scope=row | 0xC0,0x88
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x89
! scope=row | 0xC0,0x89
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8A
! scope=row | 0xC0,0x8A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8B
! scope=row | 0xC0,0x8B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8C
! scope=row | 0xC0,0x8C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8D
! scope=row | 0xC0,0x8D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8E
! scope=row | 0xC0,0x8E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x8F
! scope=row | 0xC0,0x8F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x90
! scope=row | 0xC0,0x90
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x91
! scope=row | 0xC0,0x91
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x92
! scope=row | 0xC0,0x92
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_128_GCM_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x93
! scope=row | 0xC0,0x93
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_256_GCM_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" |  
| style="background-color: white;" |
|-
|-
! scope=row | 0xC0,0x94
! scope=row | 0xC0,0x94
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-CAMELLIA128-SHA256
| style="background-color: white;" | PSK-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x95
! scope=row | 0xC0,0x95
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-CAMELLIA256-SHA384
| style="background-color: white;" | PSK-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x96
! scope=row | 0xC0,0x96
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-CAMELLIA128-SHA256
| style="background-color: white;" | DHE-PSK-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x97
! scope=row | 0xC0,0x97
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_DHE_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-CAMELLIA256-SHA384
| style="background-color: white;" | DHE-PSK-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x98
! scope=row | 0xC0,0x98
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-CAMELLIA128-SHA256
| style="background-color: white;" | RSA-PSK-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x99
! scope=row | 0xC0,0x99
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_RSA_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | RSA-PSK-CAMELLIA256-SHA384
| style="background-color: white;" | RSA-PSK-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x9A
! scope=row | 0xC0,0x9A
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" | TLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-CAMELLIA128-SHA256
| style="background-color: white;" | ECDHE-PSK-CAMELLIA128-SHA256
|-
|-
! scope=row | 0xC0,0x9B
! scope=row | 0xC0,0x9B
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" | TLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-PSK-CAMELLIA256-SHA384
| style="background-color: white;" | ECDHE-PSK-CAMELLIA256-SHA384
|-
|-
! scope=row | 0xC0,0x9C
! scope=row | 0xC0,0x9C
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_RSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_RSA_AES_128_CCM
| style="background-color: white;" | TLS_RSA_AES_128_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | AES128-CCM
| style="background-color: white;" | AES128-CCM
|-
|-
! scope=row | 0xC0,0x9D
! scope=row | 0xC0,0x9D
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_RSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_RSA_AES_256_CCM
| style="background-color: white;" | TLS_RSA_AES_256_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | AES256-CCM
| style="background-color: white;" | AES256-CCM
|-
|-
! scope=row | 0xC0,0x9E
! scope=row | 0xC0,0x9E
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_DHE_RSA_AES_128_CCM
| style="background-color: white;" | TLS_DHE_RSA_AES_128_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-AES128-CCM
| style="background-color: white;" | DHE-RSA-AES128-CCM
|-
|-
! scope=row | 0xC0,0x9F
! scope=row | 0xC0,0x9F
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_DHE_RSA_AES_256_CCM
| style="background-color: white;" | TLS_DHE_RSA_AES_256_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-AES256-CCM
| style="background-color: white;" | DHE-RSA-AES256-CCM
|-
|-
! scope=row | 0xC0,0xA0
! scope=row | 0xC0,0xA0
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_RSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_RSA_AES_128_CCM_8
| style="background-color: white;" | TLS_RSA_AES_128_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | AES128-CCM8
| style="background-color: white;" | AES128-CCM8
|-
|-
! scope=row | 0xC0,0xA1
! scope=row | 0xC0,0xA1
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_RSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_RSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_RSA_AES_256_CCM_8
| style="background-color: white;" | TLS_RSA_AES_256_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | AES256-CCM8
| style="background-color: white;" | AES256-CCM8
|-
|-
! scope=row | 0xC0,0xA2
! scope=row | 0xC0,0xA2
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_AES_128_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_AES_128_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-AES128-CCM8
| style="background-color: white;" | DHE-RSA-AES128-CCM8
|-
|-
! scope=row | 0xC0,0xA3
! scope=row | 0xC0,0xA3
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_AES_256_CCM_8
| style="background-color: white;" | TLS_DHE_RSA_AES_256_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-RSA-AES256-CCM8
| style="background-color: white;" | DHE-RSA-AES256-CCM8
|-
|-
! scope=row | 0xC0,0xA4
! scope=row | 0xC0,0xA4
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CCM
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CCM
| style="background-color: white;" | TLS_PSK_AES_128_CCM
| style="background-color: white;" | TLS_PSK_AES_128_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES128-CCM
| style="background-color: white;" | PSK-AES128-CCM
|-
|-
! scope=row | 0xC0,0xA5
! scope=row | 0xC0,0xA5
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CCM
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CCM
| style="background-color: white;" | TLS_PSK_AES_256_CCM
| style="background-color: white;" | TLS_PSK_AES_256_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES256-CCM
| style="background-color: white;" | PSK-AES256-CCM
|-
|-
! scope=row | 0xC0,0xA6
! scope=row | 0xC0,0xA6
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CCM
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_128_CCM
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CCM
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES128-CCM
| style="background-color: white;" | DHE-PSK-AES128-CCM
|-
|-
! scope=row | 0xC0,0xA7
! scope=row | 0xC0,0xA7
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CCM
| style="background-color: white;" | TLS_DHE_PSK_WITH_AES_256_CCM
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CCM
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES256-CCM
| style="background-color: white;" | DHE-PSK-AES256-CCM
|-
|-
! scope=row | 0xC0,0xA8
! scope=row | 0xC0,0xA8
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_PSK_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_PSK_AES_128_CCM_8
| style="background-color: white;" | TLS_PSK_AES_128_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES128-CCM8
| style="background-color: white;" | PSK-AES128-CCM8
|-
|-
! scope=row | 0xC0,0xA9
! scope=row | 0xC0,0xA9
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_PSK_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_PSK_AES_256_CCM_8
| style="background-color: white;" | TLS_PSK_AES_256_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | PSK-AES256-CCM8
| style="background-color: white;" | PSK-AES256-CCM8
|-
|-
! scope=row | 0xC0,0xAA
! scope=row | 0xC0,0xAA
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_DHE_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_PSK_DHE_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CCM_8
| style="background-color: white;" | TLS_DHE_PSK_AES_128_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES128-CCM8
| style="background-color: white;" | DHE-PSK-AES128-CCM8
|-
|-
! scope=row | 0xC0,0xAB
! scope=row | 0xC0,0xAB
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_PSK_DHE_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_PSK_DHE_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CCM_8
| style="background-color: white;" | TLS_DHE_PSK_AES_256_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | DHE-PSK-AES256-CCM8
| style="background-color: white;" | DHE-PSK-AES256-CCM8
|-
|-
! scope=row | 0xC0,0xAC
! scope=row | 0xC0,0xAC
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_128_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_128_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_128_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-AES128-CCM
| style="background-color: white;" | ECDHE-ECDSA-AES128-CCM
|-
|-
! scope=row | 0xC0,0xAD
! scope=row | 0xC0,0xAD
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_256_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_256_CCM
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_256_CCM
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-AES256-CCM
| style="background-color: white;" | ECDHE-ECDSA-AES256-CCM
|-
|-
! scope=row | 0xC0,0xAE
! scope=row | 0xC0,0xAE
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_128_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_128_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-AES128-CCM8
| style="background-color: white;" | ECDHE-ECDSA-AES128-CCM8
|-
|-
! scope=row | 0xC0,0xAF
! scope=row | 0xC0,0xAF
| style="background-color: white;" data-sort-value="1000" |  
| style="background-color: white;" data-sort-value="1000" |
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_256_CCM_8
| style="background-color: white;" | TLS_ECDHE_ECDSA_AES_256_CCM_8
| style="background-color: white;" |  
| style="background-color: white;" |
| style="background-color: white;" | ECDHE-ECDSA-AES256-CCM8
| style="background-color: white;" | ECDHE-ECDSA-AES256-CCM8
|}
|}
Line 3,385: Line 2,804:
! Changes
! Changes
|-
|-
| style="text-align: center;" | 3.9
| style="text-align: center;" | 4
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| add EDH-RSA-DES-CBC3-SHA back to the old and intermediate conf
| Recommend ECDSA in modern level, remove DSS ciphers, publish configurations as JSON
|-
|-
| style="text-align: center;" | 3.8
| style="text-align: center;" | 3.8
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| redo cipher names chart (marumari), move version chart (marumari), update Intermediate cipher suite (ulfr)
| redo cipher names chart (April King), move version chart (April King), update Intermediate cipher suite (ulfr)
|-
|-
| style="text-align: center;" | 3.7
| style="text-align: center;" | 3.7
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| cleanup version table (marumari), add F5 conf samples (warburtron), add notes about DHE (rgacogne)
| cleanup version table (April King), add F5 conf samples (warburtron), add notes about DHE (rgacogne)
|-
|-
| style="text-align: center;" | 3.6
| style="text-align: center;" | 3.6
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| bump intermediate DHE to 2048, add note about java compatibility
| bump intermediate DHE to 2048, add note about java compatibility
|-
|-
Line 3,406: Line 2,825:
|-
|-
| style="text-align: center;" | 3.4
| style="text-align: center;" | 3.4
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| added note about session resumption, HSTS, and HPKP
| added note about session resumption, HSTS, and HPKP
|-
|-
| style="text-align: center;" | 3.3
| style="text-align: center;" | 3.3
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| fix SHA256 prio, add POODLE details, update various templates
| fix SHA256 prio, add POODLE details, update various templates
|-
|-
| style="text-align: center;" | 3.2
| style="text-align: center;" | 3.2
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Added intermediate compatibility mode, renamed other modes
| Added intermediate compatibility mode, renamed other modes
|-
|-
| style="text-align: center;" | 3.1
| style="text-align: center;" | 3.1
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Added non-backward compatible ciphersuite
| Added non-backward compatible ciphersuite
|-
|-
| style="text-align: center;" | 3
| style="text-align: center;" | 3
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Remove RC4 for 3DES, fix ordering in openssl 0.9.8 ([https://bugzilla.mozilla.org/show_bug.cgi?id=1024430 1024430]), various minor updates
| Remove RC4 for 3DES, fix ordering in openssl 0.9.8 ([https://bugzilla.mozilla.org/show_bug.cgi?id=1024430 1024430]), various minor updates
|-
|-
| style="text-align: center;" | 2.5.1
| style="text-align: center;" | 2.5.1
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Revisit ELB capabilities
| Revisit ELB capabilities
|-
|-
| style="text-align: center;" | 2.5
| style="text-align: center;" | 2.5
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Update ZLB information for OCSP Stapling and ciphersuite
| Update ZLB information for OCSP Stapling and ciphersuite
|-
|-
| style="text-align: center;" | 2.4
| style="text-align: center;" | 2.4
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Moved a couple of aes128 above aes256 in the ciphersuite
| Moved a couple of aes128 above aes256 in the ciphersuite
|-
|-
| style="text-align: center;" | 2.3
| style="text-align: center;" | 2.3
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Precisions on IE 7/8 AES support (thanks to Dobin Rutishauser)
| Precisions on IE 7/8 AES support (thanks to Dobin Rutishauser)
|-
|-
| style="text-align: center;" | 2.2
| style="text-align: center;" | 2.2
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| Added IANA/OpenSSL/GnuTLS correspondence table and conversion tool
| Added IANA/OpenSSL/GnuTLS correspondence table and conversion tool
|-
|-
| style="text-align: center;" | 2.1
| style="text-align: center;" | 2.1
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| RC4 vs 3DES discussion. r=joes r=tinfoil
| RC4 vs 3DES discussion. r=joes r=tinfoil
|-
|-
| style="text-align: center;" | 2.0
| style="text-align: center;" | 2.0
| style="text-align: center;" | ulfr, kang
| style="text-align: center;" | Julien Vehent, kang
| Public release.
| Public release.
|-
|-
| style="text-align: center;" | 1.5
| style="text-align: center;" | 1.5
| style="text-align: center;" | ulfr, kang
| style="text-align: center;" | Julien Vehent, kang
| added details for PFS DHE handshake, added nginx configuration details; added Apache recommended conf
| added details for PFS DHE handshake, added nginx configuration details; added Apache recommended conf
|-
|-
| style="text-align: center;" | 1.4
| style="text-align: center;" | 1.4
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| revised ciphersuite. Prefer AES before RC4. Prefer 128 before 256. Prefer DHE before non-DHE.
| revised ciphersuite. Prefer AES before RC4. Prefer 128 before 256. Prefer DHE before non-DHE.
|-
|-
| style="text-align: center;" | 1.3
| style="text-align: center;" | 1.3
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| added netscaler example conf
| added netscaler example conf
|-
|-
| style="text-align: center;" | 1.2
| style="text-align: center;" | 1.2
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| ciphersuite update, bump DHE-AESGCM above ECDH-RC4
| ciphersuite update, bump DHE-AESGCM above ECDH-RC4
|-
|-
| style="text-align: center;" | 1.1
| style="text-align: center;" | 1.1
| style="text-align: center;" | ulfr, kang
| style="text-align: center;" | Julien Vehent, kang
| integrated review comments from Infra; SPDY information
| integrated review comments from Infra; SPDY information
|-
|-
| style="text-align: center;" | 1.0
| style="text-align: center;" | 1.0
| style="text-align: center;" | ulfr
| style="text-align: center;" | Julien Vehent
| creation
| creation
|-
|-
Ulfr
Confirmed users
529

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1116779"