|
Message-ID: <20131104194149.2ee4504b@chromobil.localdomain>
Date: Mon, 4 Nov 2013 19:41:49 +0100
From: Stefan Bühler <stbuehler@...httpd.net>
To: oss-security@...ts.openwall.com
Cc: hanno@...eck.de
Subject: Re: openssl default ciphers
On Mon, 4 Nov 2013 18:49:06 +0100
Hanno Böck <hanno@...eck.de> wrote:
> On Mon, 4 Nov 2013 18:16:30 +0100
> Stefan Bühler <stbuehler@...httpd.net> wrote:
>
> > Is 'DEFAULT@...ENGTH:!LOW:!EXP' (should
> > be similar to 'HIGH:MEDIUM:!aNULL') a reasonably default?
>
> SSLCipherSuite HIGH:!MEDIUM:!LOW:!aNULL@...ENGTH
> should be fine. There are basically near zero browsers out there that
> should have any problems with that. Even dinosaurs like IE6 can work
> with this, you don't need "medium" ciphers as long as you don't want
> to make a site accessible to browser museums.
There is no difference to HIGH:!aNULL on my system. I don't see why
HIGH:!MEDIUM:!LOW could be not equal to HIGH anyway...
> And looking at what medium includes that high doesn't, it seems you
> really don't want that ancient cipher suites:
> -DHE-RSA-SEED-SHA
> -DHE-DSS-SEED-SHA
> -SEED-SHA
> -IDEA-CBC-SHA
> -IDEA-CBC-MD5
> -RC2-CBC-MD5
> -ECDHE-RSA-RC4-SHA
> -ECDHE-ECDSA-RC4-SHA
> -ECDH-RSA-RC4-SHA
> -ECDH-ECDSA-RC4-SHA
> -RC4-SHA
> -RC4-MD5
> -RC4-MD5
> -PSK-RC4-SHA
This is not what I get for "MEDIUM" (debian testing); I see only SEED +
RC4; RC2 is an export cipher; wikipedia has some stuff on IDEA, and it
seems indeed "ancient". SEED might be more relevant (for Korea...), and
RC4 is having a big comeback due to the BEAST attack.
I think due to BEAST a default collection should include RC4; that is
why I included MEDIUM.
Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.