Cipher suites & forward secrecy
A cipher suite bundles the key exchange, authentication, bulk cipher, and MAC for a connection. The order matters: list the strongest first. Prefer **ECDHE** (and DHE) key exchange — these give *forward secrecy*, so a future key compromise can't decrypt past traffic. Pair them with **AEAD** bulk ciphers: AES-128/256-GCM or ChaCha20-Poly1305. Avoid CBC-mode and SHA-1 ciphers (padding-oracle and downgrade risks) and never use 3DES (DES-CBC3-SHA), which the Sweet32 attack breaks. TLS 1.3 sidesteps all of this: its ciphersuites are fixed, all AEAD, all forward-secret, and not configurable.