thanks for the precisions
leaving SSLv3 active is ok if he is the only one to connect, as well as for
ciphers
but a rogue client can still force downgrade for both cipher and protocol...
for the cipher list I did clearly not choose the more efficient way to do this
however I think it is still preferable to remove some ciphers twice than not at
all
concerning anonymous authentication, I'm still not convinced that it could be
considered safe when establishing a "secure" connection
still, the only way to be sure is to exchange certificates (or maybe a
symmetric key) offline prior any communication
Nico
----- Mail d'origine -----
De: Viktor Dukhovni <openssl-us...@dukhovni.org>
À: openssl-users@openssl.org
Envoyé: Fri, 23 May 2014 18:32:15 +0200 (CEST)
Objet: Re: Re?: How to make a secure tcp connection without using certificate
On Fri, May 23, 2014 at 06:11:05PM +0200, nicolas....@free.fr wrote:
> use at the very least TLSv1 (and preferably TLSv1_2) protocol if you want
> to use SSLv23_server_method(), don't forget to disable SSLv2 and 3 protocols
> (and maybe TLSv1) with the command
>
> SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
Typically, leaving SSLv3 enabled is just fine if both ends support
something stronger they'll negotiate that.
> third, you should also be cautious with which symetric cipher you use :
> by default, you still have RC2 and DES activated until TLSv1.1, RC4 and
> 3DES in TLSv1.2, which are either unsecure or will soon be you could use
> these lines to avoid unsecure ciphers :
Again, with the DEFAULT cipherlist, one generally negotiates the
strongest mutually-available cipher-suite, and there is little need
to disable weaker ciphers. However, since nobody uses export cipher
suites or single DES anymore, the simplest cipher-suite tweak is:
DEFAULT:!EXPORT:!LOW
if certificates are required or
ALL:!EXPORT:!LOW
if anonymous (ADH or AECDH) cipher-suites are needed.
> #define CIPHERS "HIGH:+MEDIUM:!aNULL:!eNULL:!3DES:!RC4:!RC2!DES"
> SSL_CTX_set_cipher_list(ctx, CIPHERS);
This is broken, HIGH includes no MEDIUM ciphers, so the "+MEDIUM" has
no effect. The OP seemed to want no certificates, so "!aNULL" is
perhaps too restrictive. There's a missing ":" between "!RC2" and
not "!DES", but there are no DES or RC2 ciphers in HIGH, so it is not
clear why these are present.
As for the OP's question, it was very poorly stated, and it is far
from clear what a sensible answer might be.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
