Talk:Security/Server Side TLS: Difference between revisions

(OCSP Stapling support: Adds script for automatic OCSP in HAProxy (Sorry, didn't know about the discussion page))
== Page protection ==

This wiki page is protected against changes. Changes must be discussed in this section beforehand. If you have any comments, please leave them here, with your nickname and date.

== Proposed changes to ciphersuites ==

This change was proposed by zwdg on IRC.
<pre>
 
 
    Modern:
   
    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
   
    Intermediate:
   
    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA
   
    Old:
   
    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
   
    gnutls:
   
    NONE:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-ECDSA:+ECDHE-RSA:+DHE-RSA:+RSA:+AES-128-GCM:+AES-256-GCM:+AES-128-CBC:+AES-256-CBC:+SIGN-ECDSA-SHA512:+SIGN-RSA-SHA512:+SIGN-ECDSA-SHA384:+SIGN-RSA-SHA384:+SIGN-ECDSA-SHA256:+SIGN-RSA-SHA256:+SIGN-DSA-SHA256:+SIGN-RSA-SHA1:+SIGN-DSA-SHA1:+CURVE-SECP521R1:+CURVE-SECP384R1:+CURVE-SECP256R1:+AEAD:+SHA384:+SHA256:+SHA1:+COMP-NULL
 
</pre>
 
With the following comments:
<pre>
< zwdg> GCM modes are the only ones without known crypto vulnerabilities. CBC in TLSv1.2 is secure, but the block mode of operation has some theoretical problems.
< zwdg> only AEAD cipher suites have no vulnerabilities, and all modern browsers and tools are compatible with them, hence they should be the only ones in modern
< zwdg> I evaluated [the ciphersuites] with browsers, crypto tools, and java
10:01 < zwdg> for intermediate, just add the CBC modes, SHA1, and TLSv1.0 to the modern list I posted, and for old just add 3des plus SSLv3
</pre>
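The three-tier rule zwdg states (Modern is forward-secret AEAD only; Intermediate is Modern plus the CBC/SHA-1 suites; Old is Intermediate plus 3DES) can be turned into a mechanical check of the proposed OpenSSL lists. The following Python is an added example for this discussion, not code from the wiki page or from Mozilla's own tooling; it copies the three lists verbatim from the proposal above, and its suite-name parser is an assumption that covers only the name shapes appearing in those lists (ECDHE/DHE prefixes, AES-GCM, AES-CBC with SHA/SHA256/SHA384, and DES-CBC3-SHA), not the full OpenSSL naming grammar.

```python
"""Check the proposed OpenSSL cipher-suite lists against zwdg's policy:
Modern = forward-secret AEAD (GCM) only, Intermediate = Modern plus CBC/SHA-1,
Old = Intermediate plus 3DES.  Added example, not part of the wiki page."""

# The three proposed lists, copied verbatim from the proposal.
MODERN = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
).split(":")

INTERMEDIATE = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:"
    "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:"
    "ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
    "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:"
    "AES128-GCM-SHA256:AES256-GCM-SHA384:"
    "AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
).split(":")

OLD = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:"
    "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:"
    "ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
    "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:"
    "AES128-GCM-SHA256:AES256-GCM-SHA384:"
    "AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
).split(":")


def parse_suite(name):
    """Split an OpenSSL suite name into key exchange, cipher, mode and MAC.
    Assumption: only the name shapes used in the three lists are handled."""
    parts = name.split("-")
    kx = "RSA"  # no (EC)DHE prefix means static RSA key exchange
    if parts[0] in ("ECDHE", "DHE"):
        kx, parts = parts[0] + "-" + parts[1], parts[2:]
    if parts == ["DES", "CBC3", "SHA"]:
        return {"kx": kx, "cipher": "3DES", "mode": "CBC", "mac": "SHA1"}
    cipher, rest = parts[0], parts[1:]
    if rest[0] == "GCM":
        return {"kx": kx, "cipher": cipher, "mode": "GCM", "mac": "AEAD"}
    mac = "SHA1" if rest[0] == "SHA" else rest[0]
    return {"kx": kx, "cipher": cipher, "mode": "CBC", "mac": mac}


def forward_secret(info):
    """Ephemeral (EC)DH key exchange gives forward secrecy; static RSA does not."""
    return info["kx"].startswith(("ECDHE", "DHE"))


def check_modern(suites):
    """Modern: every suite must be AEAD (GCM) and forward secret."""
    return [s for s in suites
            if parse_suite(s)["mode"] != "GCM" or not forward_secret(parse_suite(s))]


def check_intermediate(suites, modern=MODERN):
    """Intermediate: begins with the Modern list; the extra suites are AES only
    (CBC, SHA-1 and static-RSA GCM), with no 3DES."""
    bad = [] if suites[:len(modern)] == modern else ["<Modern list is not a prefix>"]
    return bad + [s for s in suites[len(modern):]
                  if parse_suite(s)["cipher"] not in ("AES128", "AES256")]


def check_old(suites, intermediate=INTERMEDIATE):
    """Old: begins with the Intermediate list and adds only 3DES."""
    bad = ([] if suites[:len(intermediate)] == intermediate
           else ["<Intermediate list is not a prefix>"])
    return bad + [s for s in suites[len(intermediate):]
                  if parse_suite(s)["cipher"] != "3DES"]


def audit():
    """Return {tier: list of violating suites} for the three proposed lists."""
    return {"modern": check_modern(MODERN),
            "intermediate": check_intermediate(INTERMEDIATE),
            "old": check_old(OLD)}


if __name__ == "__main__":
    for tier, bad in audit().items():
        print(f"{tier:13s} {'OK' if not bad else 'violations: ' + ', '.join(bad)}")
```

Run as a script it prints `OK` for all three tiers, which confirms the proposed lists are nested prefixes of each other as the IRC comments intend. The checks are also useful the other way round: feeding `check_modern` a static-RSA or CBC suite, or `check_intermediate` a list with `DES-CBC3-SHA` appended, returns the offending names, so a later edit to the lists that breaks the tier policy is caught before it reaches the protected page.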


== IIS ==