Re: [RFC] Improved TLS Defaults
Hi Daniel,
On Wed, Jan 29, 2014 at 6:50 AM, Daniel Lowrey <rdlowrey@gmail.com> wrote:
> I've created a new RFC to discuss improving default TLS encryption
> settings:
>
> https://wiki.php.net/rfc/improved-tls-defaults
>
> This RFC complements the previously accepted TLS Peer Verification RFC.
>
> I've proposed these (relatively straight-forward) changes in RFC form
> because there does exist the potential for minimal BC breakage. I see this
> breakage as a good thing because it enhances security, however everyone may
> not share this view.
>
I haven't read the RFC carefully yet, but it's a great proposal!
You probably reviewed this page already.
https://wiki.mozilla.org/Security/Server_Side_TLS
Quoting from the page
The general purpose ciphersuite at the time of this writing is:
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
Is your recommendation from the OpenSSL project or somewhere else?
I couldn't find a page with a quick search.
@STRENGTH
Additionally the cipher string @STRENGTH can be used at any point to sort
the current cipher list in order of encryption algorithm key length.
https://www.openssl.org/docs/apps/ciphers.html
Does @STRENGTH order ciphers as Mozilla recommends? It seems this option is for
this and/or a similar purpose.
Slight differences do not matter much so having @STRENGTH is secure and
easier to maintain, probably.
Regards,
--
Yasuo Ohgaki
yohgaki@ohgaki.net
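
To see how @STRENGTH interacts with an ordering like the Mozilla one quoted in the message above, the following added example (not part of the original message or the RFC) resolves a cipher string with and without @STRENGTH using Python's ssl module against the locally installed OpenSSL. MOZILLA_STYLE is a constructed, shortened subset of the quoted string, and the helper names are hypothetical.

```python
import ssl

# Constructed, shortened subset of the Mozilla string quoted in the message:
# AES128 suites are listed ahead of their AES256 counterparts.
MOZILLA_STYLE = (
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:"
    "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:"
    "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
)


def resolved(cipher_string):
    """Return [(name, strength_bits)] in preference order for TLS <= 1.2.

    TLS 1.3 suites are configured separately from the cipher string, so
    they are filtered out of the comparison.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)
    return [(c["name"], c["strength_bits"]) for c in ctx.get_ciphers()
            if c["protocol"] != "TLSv1.3"]


def is_strength_sorted(ciphers):
    """True if the list is in non-increasing order of key length."""
    bits = [b for _, b in ciphers]
    return bits == sorted(bits, reverse=True)


def compare(cipher_string):
    """Resolve the string as written and again with @STRENGTH appended."""
    as_written = resolved(cipher_string)
    by_strength = resolved(cipher_string + ":@STRENGTH")
    return as_written, by_strength


if __name__ == "__main__":
    as_written, by_strength = compare(MOZILLA_STYLE)
    print("explicit order:")
    for name, bits in as_written:
        print(f"  {bits:>3}  {name}")
    print("with @STRENGTH appended:")
    for name, bits in by_strength:
        print(f"  {bits:>3}  {name}")
```

Appending @STRENGTH keeps the same set of suites but regroups them by key length, so the explicit preference order in the string is not preserved.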