
Security

Forward secrecy

Even if your server's private key leaks tomorrow, past traffic stays unreadable. Mandatory in TLS 1.3 — make sure your stack negotiates it.

Authority: IETF
Version: TLS 1.3 mandatory
Jurisdiction: Global
Source: datatracker.ietf.org
Last reviewed: 2026-04-28
Last verified: pending

What it is

Cipher suites using ephemeral Diffie-Hellman key exchange (ECDHE/DHE). Each session gets a unique key that's discarded after use, so a future compromise of the server's long-term private key can't decrypt captured past traffic.

Why it matters

Standard practice for any threat model that includes nation-state adversaries or long-lived data archives. TLS 1.3 enforces it; TLS 1.2 supports it but still allows suites without forward secrecy (non-PFS) unless the server is explicitly configured to exclude them.
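One way to check an endpoint you operate for the TLS 1.2 gap described above, as an added example that is not WQI's own scoring code. The function names (`is_forward_secret`, `probe`, `audit`) and the sample pairs are assumptions made for illustration; the classifier covers both OpenSSL-style and IANA-style suite names.

```python
import socket
import ssl

def is_forward_secret(version: str, cipher: str) -> bool:
    """Classify a negotiated (protocol version, cipher suite) pair."""
    if version == "TLSv1.3":
        return True  # a full (non-resumed) TLS 1.3 handshake always uses (EC)DHE
    name = cipher.upper().replace("_", "-")
    if name.startswith("TLS-"):          # IANA form: TLS_ECDHE_RSA_WITH_...
        name = name[4:]
    # ECDHE-/DHE- (EDH- in old OpenSSL names) are ephemeral. Static ECDH-/DH- and
    # RSA key transport (e.g. AES128-GCM-SHA256) are not.
    return name.startswith(("ECDHE-", "DHE-", "EDH-"))

def probe(host, port=443, ciphers=None, tls12_only=False, timeout=5.0):
    """Handshake with host and return (version, cipher), or None if it fails."""
    ctx = ssl.create_default_context()
    try:
        if tls12_only:
            ctx.maximum_version = ssl.TLSVersion.TLSv1_2
        if ciphers:
            ctx.set_ciphers(ciphers)     # OpenSSL cipher string, TLS <= 1.2 only
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version(), tls.cipher()[0]
    except (ssl.SSLError, OSError):
        return None

def audit(host, port=443):
    """Report the default negotiation and whether an RSA-only TLS 1.2 offer succeeds."""
    default = probe(host, port)
    rsa_only = probe(host, port, ciphers="kRSA", tls12_only=True)
    return {
        "negotiated": default,
        "forward_secret": bool(default) and is_forward_secret(*default),
        "accepts_non_pfs_tls12": rsa_only is not None,
    }

# Constructed sample pairs, in the form ssl.SSLSocket.version() / .cipher()[0] return.
SAMPLES = [
    ("TLSv1.3", "TLS_AES_256_GCM_SHA384"),
    ("TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256"),
    ("TLSv1.2", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"),
    ("TLSv1.2", "AES128-GCM-SHA256"),
    ("TLSv1.2", "ECDH-RSA-AES128-SHA"),
]

if __name__ == "__main__":
    for version, cipher in SAMPLES:
        print(version, cipher, is_forward_secret(version, cipher))
```

`audit()` needs network access to the host. A local OpenSSL policy that disables RSA key exchange makes the RSA-only probe fail on the client side, so read a negative `accepts_non_pfs_tls12` alongside the server's configured cipher list.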

Who it applies to

Every HTTPS endpoint.

How WQI scores it

Web Quality Index considers this standard satisfied when the supporting factor passes.

#    Factor             Status
88   Forward secrecy    planned

0 of 1 supporting factors are currently collected. Sites where the remaining 1 hasn't been measured will show as partial or unknown on this standard until the data lands.

Related standards

See also
TLS 1.2+, SSL valid

Other references