Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
On 08/25/2016 03:34 PM, William A Rowe Jr wrote: My 2c... Exclusion lists are far preferable to allow lists. .conf files seem to persist for a decade and longer. There is no anticipating what will be added to the list of unwise ciphers a year from now, but that goes for an explicit list or for a

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
On Fri, Aug 26, 2016 at 12:56 AM, Yann Ylavic wrote: > On Fri, Aug 26, 2016 at 12:34 AM, William A Rowe Jr > wrote: >> >> Exclusion lists are far preferable to allow lists. .conf files seem to >> persist for >> a decade and longer. There is no anticipating what will be added to the list >> of un

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
On Fri, Aug 26, 2016 at 12:34 AM, William A Rowe Jr wrote: > > Exclusion lists are far preferable to allow lists. .conf files seem to > persist for > a decade and longer. There is no anticipating what will be added to the list > of unwise ciphers a year from now, but that goes for an explicit list

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
On 08/25/2016 03:37 PM, Yann Ylavic wrote: Note that this thread recommends: DEFAULT:!EXPORT:!LOW:!MEDIUM which, with openssl 1.1, selects DHE-RSA-AES256-SHA before e.g. ECDHE-ECDSA-CHACHA20-POLY1305. So some tuning is needed there too... Yeah, I honestly don't agree with Viktor's blanket rec

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
On Thu, Aug 25, 2016 at 11:37 PM, Yann Ylavic wrote: >>> >>> Actually, intermediate looks more like: >>> kECDHE:kDHE:kRSA:+SHA:!MEDIUM:!LOW:!aNULL:!eNULL:!DSS:!RC4:!3DES > > The CipherSuite above is perfectly fine with all versions AFAICT... I spoke too quickly, libressl does not understand the k

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread William A Rowe Jr
On Thu, Aug 25, 2016 at 5:09 PM, Jacob Champion wrote: > On 08/25/2016 02:37 PM, Yann Ylavic wrote: > >> I find this CipherSuite quite evolutive and unsurprising (key exchange >> algorithms don't change or are introduced too often, that's a >> euphemism :), if a cipher proves to be weak, add it

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
On 08/25/2016 02:37 PM, Yann Ylavic wrote: I find this CipherSuite quite evolutive and unsurprising (key exchange algorithms don't change or are introduced too often, that's a euphemism :), if a cipher proves to be weak, add it to the :!END and be done (like RC4 and 3DES recently). To be clear

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
On Thu, Aug 25, 2016 at 11:04 PM, Jacob Champion wrote: > On 08/25/2016 01:44 PM, Yann Ylavic wrote: >> >> On Thu, Aug 25, 2016 at 10:26 PM, Yann Ylavic >> wrote: >>> >>> An exhaustive ciphers list looks not evolutive to me, and depends on >>> the SSL library version. >>> >>> "Modern" ciphers cou

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
On 08/25/2016 02:04 PM, Jacob Champion wrote: (HIGH was supposed to be the evolutive way to go, but IIRC that failed due to backwards compatibility concerns when OpenSSL tried to remove the weak ciphers from it.) (For more exciting reading on the cipher compatibility saga, see https://mta.o

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
On 08/25/2016 01:44 PM, Yann Ylavic wrote: On Thu, Aug 25, 2016 at 10:26 PM, Yann Ylavic wrote: An exhaustive ciphers list looks not evolutive to me, and depends on the SSL library version. "Modern" ciphers could possibly be defined by 'kECDHE:!MEDIUM:!LOW:!aNULL:!eNULL:!SSLv3', and "Intermedi

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
Thanks for the review! On 08/25/2016 12:50 PM, Eric Covener wrote: - If we talk about BREACH we can't just show "SSLCompression off" because BREACH, IIUC, would affect deflate over TLS not just TLS compression. Right, `SSLCompression off` is there to address the general CRIME-type vulnerabil

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
On Thu, Aug 25, 2016 at 10:26 PM, Yann Ylavic wrote: > Hi Jacob, > > On Thu, Aug 25, 2016 at 7:36 PM, Jacob Champion wrote: >> >> If you're interested, the relevant commit is r1757280 in httpd. > > An exhaustive ciphers list looks not evolutive to me, and depends on > the SSL library version. > >

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Yann Ylavic
Hi Jacob, On Thu, Aug 25, 2016 at 7:36 PM, Jacob Champion wrote: > > If you're interested, the relevant commit is r1757280 in httpd. An exhaustive ciphers list looks not evolutive to me, and depends on the SSL library version. "Modern" ciphers could possibly be defined by 'kECDHE:!MEDIUM:!LOW:!

Re: Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Eric Covener
On Thu, Aug 25, 2016 at 1:36 PM, Jacob Champion wrote: > If you're interested, the relevant commit is r1757280 in httpd. It looks reasonable / conventional wisdom to me. Only things that stuck out to me: - If we talk about BREACH we can't just show "SSLCompression off" because BREACH, IIUC, wo

Requesting review for SSL how-to changes (r1757280)

2016-08-25 Thread Jacob Champion
Hi all, I've been informed that docs backports are CTR, but since this is my first time updating them (and it's a security document that I've updated), I was hoping for a couple more eyes. If you're interested, the relevant commit is r1757280 in httpd. Thanks! --Jacob --