Table 1.
Main considerations evaluated in this study.
| Security considerationsa | Description |
| Use of secured connections (SSLb/TLSc) | The use of any unsecured connections |
| SSL/TLS version | Evaluating the supported versions of SSL/TLS |
| Key exchange support | The cryptographic algorithm used to exchange the keys during the handshake for the following symmetric encryption |
| Cipher support | The cipher negotiated between client and server dictates what symmetric encryption is applied after the handshake and key exchange |
| Certificates | The security characteristics TLS offers rely on the server’s certificate. Any trust issues here are critical |
| Vulnerabilities | Certain attacks are based on specific implementations or the absence of a patch on the server |
| HSTSd | Support HSTS can prevent downgrades to HTTP |
aAll but the first one (use of unsecure connections) are tested for by the tools presented in later sections.
bSSL: Secure Socket Layer.
cTSL: Transport Layer Security.
dHSTS: Hypertext Transfer Protocol Strict Transport Security.