User Agent Capabilities: BingPreview Jan 2015


Protocol Features
Protocols
TLS 1.3 No
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3   INSECURE Yes
SSL 2 No


Cipher Suites (in order of preference)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   Forward Secrecy 256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)   Forward Secrecy 256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)  WEAK 256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)  WEAK 256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)  WEAK 256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)  WEAK 256
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA (0xc022)  WEAK 256
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA (0xc021)  WEAK 256
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0xa3)   Forward Secrecy2 256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   Forward Secrecy 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)  WEAK 256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x6a)  WEAK 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)  WEAK 256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x38)  WEAK 256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88)  WEAK 256
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x87)  WEAK 256
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 (0xc032) 256
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02e) 256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 (0xc02a)  WEAK 256
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 (0xc026)  WEAK 256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (0xc00f)  WEAK 256
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (0xc005)  WEAK 256
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)  WEAK 256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)  WEAK 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)  WEAK 256
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84)  WEAK 256
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)  WEAK 112
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)  WEAK 112
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA (0xc01c)  WEAK 112
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA (0xc01b)  WEAK 112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)  WEAK 112
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x13)  WEAK 112
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d)  WEAK 112
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003)  WEAK 112
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)  WEAK 112
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   Forward Secrecy 128
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)   Forward Secrecy 128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)  WEAK 128
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)  WEAK 128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)  WEAK 128
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)  WEAK 128
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA (0xc01f)  WEAK 128
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA (0xc01e)  WEAK 128
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0xa2)   Forward Secrecy2 128
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   Forward Secrecy 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)  WEAK 128
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x40)  WEAK 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)  WEAK 128
TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32)  WEAK 128
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a)  WEAK 128
TLS_DHE_DSS_WITH_SEED_CBC_SHA (0x99)  WEAK 128
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45)  WEAK 128
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x44)  WEAK 128
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031) 128
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d) 128
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029)  WEAK 128
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025)  WEAK 128
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)  WEAK 128
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004)  WEAK 128
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)  WEAK 128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)  WEAK 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)  WEAK 128
TLS_RSA_WITH_SEED_CBC_SHA (0x96)  WEAK 128
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41)  WEAK 128
TLS_RSA_WITH_IDEA_CBC_SHA (0x7)  WEAK 128
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)   INSECURE 128
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (0xc007)   INSECURE 128
TLS_ECDH_RSA_WITH_RC4_128_SHA (0xc00c)   INSECURE 128
TLS_ECDH_ECDSA_WITH_RC4_128_SHA (0xc002)   INSECURE 128
TLS_RSA_WITH_RC4_128_SHA (0x5)   INSECURE 128
TLS_RSA_WITH_RC4_128_MD5 (0x4)   INSECURE 128
TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15)   INSECURE 56
TLS_DHE_DSS_WITH_DES_CBC_SHA (0x12)   INSECURE 56
TLS_RSA_WITH_DES_CBC_SHA (0x9)   INSECURE 56
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x14)   INSECURE 40
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x11)   INSECURE 40
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x8)   INSECURE 40
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x6)   INSECURE 40
TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x3)   INSECURE 40
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0xff) -
(1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh.
(2) Cannot be used for Forward Secrecy because they require DSA keys, which are effectively limited to 1024 bits.


Protocol Details
Server Name Indication (SNI) Yes
Secure Renegotiation Yes
TLS compression Yes   INSECURE
Session tickets No
OCSP stapling No
Signature algorithms SHA512/RSA, SHA512/DSA, SHA512/ECDSA, SHA384/RSA, SHA384/DSA, SHA384/ECDSA, SHA256/RSA, SHA256/DSA, SHA256/ECDSA, SHA224/RSA, SHA224/DSA, SHA224/ECDSA, SHA1/RSA, SHA1/DSA, SHA1/ECDSA, MD5/RSA
Named Groups sect571r1, sect571k1, secp521r1, sect409k1, sect409r1, secp384r1, sect283k1, sect283r1, secp256k1, secp256r1, sect239k1, sect233k1, sect233r1, secp224k1, secp224r1, sect193r1, sect193r2, secp192k1, secp192r1, sect163k1, sect163r1, sect163r2, secp160k1, secp160r1, secp160r2
Next Protocol Negotiation No
Application Layer Protocol Negotiation No
SSL 2 handshake compatibility No

(**) Tested with default settings. Some platforms can be manually configured to enable more features and better security.