My OperaThe My Opera forums have been replaced with forums.opera.com. Please head over there to discuss Opera's products and features
See the new ForumsYou need to be logged in to post in the forums. If you do not have an account, please sign up first.
Does Opera support forward secrecy?
According to this, Google is only supporting it for Chrome and Firefox and it would appear that if Opera does support it, it's blacklisted/not-whitelisted since Gmail seems to use "TLS v1.0 128 bit ARC4 (1024 bit RSA/SHA)". This Stackexchange question has some related info: http://security.stackexchange.com/questions/5474/forward-secrecy-with-https-and-aesOpera support Forward Secrecy in the form of the Ephemeral Diffie-Hellman (DHE) cipher suites, but not the Elliptic Curve DHE method Google selected to prioritize (At present Opera does not support Elliptic Curve crypto). Google seem to prioritize the ECDHE and RSA/ARC4 above the DHE methods (there is no DHE_RSA/ARC4 ciphersuite defined, which may explain that part; ARC4 is less costly than AES). AFAICT Google does not support the DHE_RSA methods on their server.
In the list of ciphersuites that Opera sends the server, the DHE_RSA ciphersuites are listed as more preferred than the corresponding RSA ciphersuite, so if the DHE method is not selected it is because the server either does not support the cipher suites (as is the case on google.com), or decided not to select it based on its own list of prioritized ciphersuites.
In the list of ciphersuites that Opera sends the server, the DHE_RSA ciphersuites are listed as more preferred than the corresponding RSA ciphersuite, so if the DHE method is not selected it is because the server either does not support the cipher suites (as is the case on google.com), or decided not to select it based on its own list of prioritized ciphersuites.
Sincerely,
Yngve N. Pettersen
Yngve N. Pettersen
Forums » General Opera topics » Security and privacy in Opera