AT&T Video Optimizer
Forward Secrecy
Introduction
In the best practice HTTP vs. HTTPS, we discussed how important it is to secure the transmission of data between your customer and your servers. HTTPS is the correct way to do this. However, some ciphers used in HTTPS, once compromised, also compromise all previous connections that used the same cipher. This means that once the connection is hacked, perpetrators have access to every other connection ever made with the same server.
Background
Keeping each session highly secure is vital, but if your ciphers do not support forward secrecy, then once a single connection is hacked, every other connection is also easily decrypted.
The Issue
Forward secrecy is a property of a cipher that helps protect previous sessions if one session is cracked. This is a better approach than one that allows one cracked session to also decrypt all previous sessions.
Best Practice Recommendation
If Video Optimizer detects a cipher that does not support forward secrecy, it will fail the Forward Secrecy Best Practice and list the IP and cipher name in the accompanying table.
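The check described above can be reproduced from the negotiated cipher suite name alone. The following is an added example, not Video Optimizer's own code: it assumes that a suite is forward secret when its key exchange is ephemeral Diffie-Hellman (DHE or ECDHE) or when it is a TLS 1.3 suite, and the function names and sample observations are constructed for illustration.

```python
import re

# Key-exchange labels that use ephemeral Diffie-Hellman.
EPHEMERAL_KX = {"ECDHE", "DHE"}

# TLS 1.3 suite names (RFC 8446) carry no key-exchange label; certificate-based
# TLS 1.3 handshakes always use (EC)DHE. PSK-only resumption is not covered here.
TLS13_SUITES = {
    "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_CCM_SHA256",
    "TLS_AES_128_CCM_8_SHA256",
}

# IANA-style names: TLS_<key exchange>_WITH_<cipher> (SSL_ prefix in older stacks).
IANA_KX = re.compile(r"^(?:TLS|SSL)_(.+?)_WITH_")

def supports_forward_secrecy(suite):
    """Classify a suite name given in IANA form or OpenSSL form."""
    name = suite.strip().upper()
    if name in TLS13_SUITES:
        return True
    match = IANA_KX.match(name)
    # OpenSSL form puts the key exchange first (ECDHE-RSA-...); a name that
    # starts with the cipher itself (AES256-SHA) means static RSA key exchange.
    kx = match.group(1).split("_")[0] if match else name.split("-")[0]
    return kx in EPHEMERAL_KX

def failed_connections(observations):
    """Return unique (ip, cipher) rows that would fail the best practice."""
    seen, rows = set(), []
    for ip, suite in observations:
        if not supports_forward_secrecy(suite) and (ip, suite) not in seen:
            seen.add((ip, suite))
            rows.append((ip, suite))
    return rows

# Constructed sample: (server IP, negotiated cipher suite) per connection.
SAMPLE = [
    ("192.0.2.10", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
    ("192.0.2.11", "TLS_RSA_WITH_AES_128_CBC_SHA"),
    ("198.51.100.7", "AES256-SHA"),
    ("198.51.100.7", "AES256-SHA"),
    ("198.51.100.8", "TLS_AES_256_GCM_SHA384"),
    ("203.0.113.5", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"),
    ("203.0.113.6", "DHE-RSA-AES256-GCM-SHA384"),
]

if __name__ == "__main__":
    for ip, suite in failed_connections(SAMPLE):
        print(f"{ip}\t{suite}")
```

Static `ECDH`/`DH` suites are reported alongside plain RSA suites because their key exchange reuses a long-term key, so they offer no forward secrecy either.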