1 Reply Latest reply: Nov 24, 2009 5:13 PM by b noir
msb87 Level 1 Level 1 (0 points)
In most of common browsers you can check what cryptographic algorithms or security mechanisms are used (and choose them). For example in Firefox (or any other Mozilla software) there's about:config and you can find there things like these:
security.ssl3.dhersa_aes_128sha
security.ssl3.dhersa_aes_256sha
security.ssl3.dhersa_camellia_128sha
security.ssl3.dhersa_camellia_256sha
security.ssl3.ecdhecdsa_aes_128sha
security.ssl3.ecdhecdsa_aes_256sha
security.ssl3.ecdhecdsa_des_ede3sha
and so on.
Thanks to that i know which algorithms is my browser exactly using in SSL/TLS connections. If i think that for example "3DES with EC-Diffie-Hellman and SHA" isn't the most secure set of algorithms for me, i can turn it off. I'd like to know which algorithms do exactly Safari use? It's an important thing because for example FF still uses for example ARC4 algorithm which isn't highly secure.
How to check it?

Safari version: 4.0.4 (531.21.10)
Operating System: Windows XP

Best regards,
Michael

Windows XP
  • b noir Level 9 Level 9 (72,035 points)
    Hmmmm ... not a lot of info in the following document from the Safari Development Center, and it's a bit dated too, but just in case it's of any use as a starting point:

    [What encryption, authentication, and proxy technologies does Safari support?|http://developer.apple.com/safari/library/qa/qa2009/qa1537.html]