Should a server set a cipher order?

... a server should begin by offering the strongest ciphers first, and only then offer weaker ciphers.

As long as the server only supports ciphers which are strong enough it does not actually matter in terms of security who chooses the cipher. Instead of security other criteria are relevant, typically performance from the perspective of the client or of the server. Just using a "stronger" cipher might add a perceived value but not an actual value (still assuming that only sufficiently strong ciphers are supported in the server).

See also "Do TLS standards require the server-side preference to always be used when negotiating ciphers to use?" on why one would prefer client cipher order or why not.


I don't think the order is relevant from a security perspective. The only thing that is relevant is whether the ciphers are considered safe or not; that's why, in general, you should remove the weak ciphers from the server list. Bear in mind that the client will choose from what the server offers to the client, and it is up to the clients to choose one depending on what they have implemented or what hardware they have. I know that in openssl you can choose the order, and it looks nice to have it, but it is up to the client to choose one from that list depending on their requirements.
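Added example, not from either answer above: a small Python simulation of cipher-suite selection (no network, no TLS library) that runs the same client offer against a server list under server-order and client-order policy. The cipher names are OpenSSL TLS 1.2 names; which of them count as "strong" here is the example's own assumption, and the lists are constructed.

```python
"""Simulated TLS cipher-suite negotiation.

Shows the point made in both answers: once the server's configured list
contains only acceptable ciphers, the negotiated cipher is acceptable
whichever side's order wins. Order only "helps" while a weak cipher is
still on the server list, and then only if the client also offers a
strong one.
"""

# Assumption for this example: which suites we treat as acceptable.
STRONG = {
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-RSA-AES128-GCM-SHA256",
}

# Constructed server configurations.
SERVER_STRONG_ONLY = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-RSA-AES128-GCM-SHA256",
]
SERVER_WITH_WEAK = SERVER_STRONG_ONLY + ["RC4-SHA"]  # weak suite left at the bottom


def negotiate(client_offer, server_allowed, server_preference):
    """Return the suite the server selects, or None if there is no overlap.

    client_offer:      suites in the client's order of preference (ClientHello).
    server_allowed:    suites in the server's configured order.
    server_preference: True walks the server list first (OpenSSL's
                       SSL_OP_CIPHER_SERVER_PREFERENCE behaviour),
                       False honours the client's order.
    """
    common = set(client_offer) & set(server_allowed)
    if not common:
        return None  # handshake fails: no shared suite, which is the safe outcome
    walk = server_allowed if server_preference else client_offer
    return next(c for c in walk if c in common)


def compare(client_offer, server_allowed):
    """Negotiated suite under both policies for one client/server pair."""
    return {
        "server_order": negotiate(client_offer, server_allowed, True),
        "client_order": negotiate(client_offer, server_allowed, False),
    }


def is_strong(cipher):
    """True if the negotiated suite is in our acceptable set (None is not)."""
    return cipher in STRONG
```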

Tags:

Tls