FYI the Moz ciphers are slightly better than the iojs ciphers (which are in turn a lot better than node 0.12), by prioritising GCM (which doesn't have any known attacks).
Random other fact: since GCM is only available with 128 bit AES in most current browsers, Moz prefer 128 bit AES GCM over 256 bit AES with CBC.
SSL Labs don't make the same distinction and require 256 bit crypto to get a perfect 'Cipher strength' score. Moz is right (and you should use their config), but the difference in opinion is interesting.
We've had a long and detailed discussion on the dev-tech-crypto mailing list about the preferred ordering for Firefox and, subsequently, for the server side guidelines. It's worth a read if you're into these sort of things http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.or...
FYI the Moz ciphers are slightly better than the iojs ciphers (which are in turn a lot better than node 0.12), by prioritising GCM (which doesn't have any known attacks).
Random other fact: since GCM is only available with 128 bit AES in most current browsers, Moz prefer 128 bit AES GCM over 256 bit AES with CBC.
SSL Labs don't make the same distinction and require 256 bit crypto to get a perfect 'Cipher strength' score. Moz is right (and you should use their config), but the difference in opinion is interesting.