Two years ago I had a look at my mail server’s logs and compiled some data about the use of STARTTLS. Tonight I decided to do it again, so here are the results for the past month:
| Connection type | Count | Proportion | In 2015 |
|---|---|---|---|
| No TLS | 137 | 17 % | 14 % |
| TLS 1.0 | 131 | 17 % | 9 % |
| TLS 1.1 | 6 | 1 % | 0 % |
| TLS 1.2 | 511 | 65 % | 77 % |
Overall, the proportion of TLS connections is similar to what I observed two years ago, although the share of TLS 1.2 connections has, surprisingly, fallen in favor of TLS 1.0.
| Cipher suite | Count | Proportion |
|---|---|---|
| ECDHE-RSA-AES256-GCM-SHA384 | 2 | < 1 % |
| ECDHE-RSA-AES256-SHA384 | 2 | < 1 % |
Things have changed a bit for the cipher suites used. The DHE-RSA-AES256-GCM-SHA384 cipher suite, which accounted for 46 % of all TLS connections in 2015, has now disappeared from the logs, replaced by its elliptic-curve variant ECDHE-RSA-AES256-GCM-SHA384. 128-bit AES is being phased out (from 21 % to 5 %), but SHA-1 persists (from 28 % to 21 %), clearly helped by the persistence of TLS 1.0 (whose cipher suites cannot use SHA-2; SHA-256 and SHA-384 suites exist only from TLS 1.2 on).
When TLS 1.2 is used, SHA-384 is largely preferred over SHA-256 (91 % vs 9 %), and almost all TLS 1.2 connections (98 %) use authenticated encryption in the form of AES-GCM.
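For readers who want to reproduce this kind of tally on their own server, here is an added example (my illustration, not the script behind the figures above). It assumes a Postfix `smtpd` log, which the post does not state it uses; the log excerpt is constructed, with made-up hosts and addresses. It tracks TLS state per `smtpd` process, because Postfix reuses processes across connections, and derives the same breakdowns discussed above: TLS version share, cipher suite share, and among TLS 1.2 sessions the SHA-384 vs SHA-256 split and the share of authenticated encryption.

```python
import re
from collections import Counter

# Constructed Postfix smtpd log excerpt (assumption: the post does not name its MTA).
# Session 5 reuses pid 1234 without TLS, to show why per-pid state must be reset.
SAMPLE_LOG = """\
Jun  1 10:00:01 mx postfix/smtpd[1234]: connect from mail.example.org[192.0.2.10]
Jun  1 10:00:02 mx postfix/smtpd[1234]: Anonymous TLS connection established from mail.example.org[192.0.2.10]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun  1 10:00:03 mx postfix/smtpd[1234]: 0123ABCDEF: client=mail.example.org[192.0.2.10]
Jun  1 10:05:10 mx postfix/smtpd[1240]: connect from old.example.net[198.51.100.7]
Jun  1 10:05:11 mx postfix/smtpd[1240]: Anonymous TLS connection established from old.example.net[198.51.100.7]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Jun  1 10:05:12 mx postfix/smtpd[1240]: 0123ABCDF0: client=old.example.net[198.51.100.7]
Jun  1 10:09:00 mx postfix/smtpd[1251]: connect from plain.example.com[203.0.113.5]
Jun  1 10:09:01 mx postfix/smtpd[1251]: 0123ABCDF1: client=plain.example.com[203.0.113.5]
Jun  1 10:12:00 mx postfix/smtpd[1260]: connect from mail2.example.org[192.0.2.11]
Jun  1 10:12:01 mx postfix/smtpd[1260]: Anonymous TLS connection established from mail2.example.org[192.0.2.11]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jun  1 10:12:02 mx postfix/smtpd[1260]: 0123ABCDF2: client=mail2.example.org[192.0.2.11]
Jun  1 10:20:00 mx postfix/smtpd[1234]: connect from other.example.com[203.0.113.9]
Jun  1 10:20:01 mx postfix/smtpd[1234]: 0123ABCDF3: client=other.example.com[203.0.113.9]
"""

CONNECT_RE = re.compile(r"postfix/smtpd\[(\d+)\]: connect from ")
TLS_RE = re.compile(
    r"postfix/smtpd\[(\d+)\]: (?:Anonymous|Trusted|Untrusted|Verified) TLS connection "
    r"established from \S+: (TLSv[\d.]+) with cipher (\S+) "
)
CLIENT_RE = re.compile(r"postfix/smtpd\[(\d+)\]: [0-9A-Za-z]+: client=")

# OpenSSL's protocol names as Postfix logs them, mapped to the labels used in the post.
VERSION_LABELS = {"TLSv1": "TLS 1.0", "TLSv1.1": "TLS 1.1", "TLSv1.2": "TLS 1.2", "TLSv1.3": "TLS 1.3"}


def parse_sessions(log_text):
    """Yield (version_label, cipher_or_None) for every session that submitted a message.

    TLS state is kept per smtpd pid and cleared on each 'connect from' line; a session
    is counted once its 'client=' line appears, with whatever TLS state the pid holds.
    """
    tls_by_pid = {}
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if m:
            tls_by_pid.pop(m.group(1), None)
            continue
        m = TLS_RE.search(line)
        if m:
            pid, version, cipher = m.groups()
            tls_by_pid[pid] = (VERSION_LABELS.get(version, version), cipher)
            continue
        m = CLIENT_RE.search(line)
        if m:
            yield tls_by_pid.get(m.group(1), ("No TLS", None))


def pct(n, d):
    """Integer percentage, 0 when the denominator is empty."""
    return round(100 * n / d) if d else 0


def summarize(log_text):
    """Compute the breakdowns the post reports: versions, suites, and TLS 1.2 hash/AEAD shares."""
    sessions = list(parse_sessions(log_text))
    total = len(sessions)
    tls = [(v, c) for v, c in sessions if c]          # sessions that negotiated TLS
    tls12 = [c for v, c in tls if v == "TLS 1.2"]
    versions = Counter(v for v, _ in sessions)
    ciphers = Counter(c for _, c in tls)
    return {
        "total": total,
        "versions": {v: (n, pct(n, total)) for v, n in versions.items()},
        "ciphers": {c: (n, pct(n, len(tls))) for c, n in ciphers.items()},
        "aes128_pct": pct(sum("AES128" in c for _, c in tls), len(tls)),
        # OpenSSL names SHA-1 HMAC suites with a bare "-SHA" suffix (SHA256/SHA384 otherwise).
        "sha1_pct": pct(sum(c.endswith("-SHA") for _, c in tls), len(tls)),
        "tls12_sha384_pct": pct(sum(c.endswith("SHA384") for c in tls12), len(tls12)),
        "tls12_aead_pct": pct(sum("GCM" in c or "POLY1305" in c for c in tls12), len(tls12)),
    }


if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    print("| Connection type | Count | Proportion |")
    for label, (n, p) in sorted(s["versions"].items()):
        print(f"| {label} | {n} | {p} % |")
    print("| Cipher suite | Count | Proportion |")
    for suite, (n, p) in sorted(s["ciphers"].items()):
        print(f"| {suite} | {n} | {p} % |")
    print(f"AES-128: {s['aes128_pct']} %, SHA-1: {s['sha1_pct']} %, "
          f"TLS 1.2 SHA-384: {s['tls12_sha384_pct']} %, TLS 1.2 AEAD: {s['tls12_aead_pct']} %")
```

Run it against a real log with `summarize(open("/var/log/mail.log").read())`. Counting on the `client=` line rather than on `connect from` means the figures describe sessions that actually delivered a message, which is the population that matters for STARTTLS coverage; scanners and dropped connections never reach that line.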