Last Updated: 11/10/2017
Below is a high level HTTPS security and performance comparison table between Google Cloud Storage and Amazon Simple Storage Service (S3). While cost, performance, and reliability are certainly factors in making a cloud storage decision the scope of this post is specifically limited to HTTPS.
| Google Cloud Storage | Amazon Simple Storage Service | |
|---|---|---|
| Qualys SSL Labs Link | https://goo.gl/StJma1 | https://goo.gl/ORZfWe |
| Qualys SSL Labs score | A | A |
| SSL certificate issuer | Google Internet Authority G2 | DigiCert Baltimore CA-2 G2 |
| Key | RSA 2048 bits | RSA 2048 bits |
| Signature algorithm | SHA256withRSA | SHA256withRSA |
| Additional chain certificates | 3 (3599 bytes) (Note: one of the chained certs uses a weak signature algorithm SHA1) |
2 (2690 bytes) |
| Protocol support | TLS 1.2, TLS 1.1, TLS 1.0 | TLS 1.2, TLS 1.1, TLS 1.0 |
| Secure renegotiation | Supported | Supported |
| BEAST attack | Not mitigated server-side | Not mitigated server-side |
| POODLE (SSLv3) | No, SSL 3 not supported | No, SSLv3 not supported |
| POODLE (TLS) | No | No |
| Downgrade attack prevention | Yes, TLS_FALLBACK_SCSV | Yes, TLS_FALLBACK_SCSV |
| RC4 cipher support | No | No |
| Heartbleed | No | No |
| Forward secrecy | With modern browsers | With modern browsers |
| Next procol support | h2 spdy/3.1 http/1.1 | None |
| Session resumption (caching) | Yes | No (IDs assigned but not accepted) |
| Session resumption (tickets) | Yes | No |
| OCSP stapling | No | No |
| Strict transport security (HSTS) by default | No | No |
| HSTS preloading | No | No |
| Public key pinning (HPKP) | No | No |