Security/Server Side TLS: Difference between revisions

no edit summary
No edit summary
No edit summary
Line 11: Line 11:
|-  
|-  
|  <span style="color:green;">'''READY'''</span> ||
|  <span style="color:green;">'''READY'''</span> ||
* Version 3.5: alm: comment on weakdh vulnerability
* Version 3.4: ulfr: added note about session resumption, HSTS and HPKP
* Version 3.4: ulfr: added note about session resumption, HSTS and HPKP
* Version 3.3: ulfr: fix SHA256 prio, add POODLE details, update various templates
* Version 3.3: ulfr: fix SHA256 prio, add POODLE details, update various templates
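Review bot: The new changelog entry "Version 3.5: alm: comment on weakdh vulnerability" understates what this revision does. The Logjam section edit in the same revision moves the threshold from "< 1024 bit" to "<= 1024 bit" and declares the intermediate and old configurations impacted, which is a change in guidance rather than a comment. Suggest wording along the lines of "Logjam/weakdh: intermediate and old configurations impacted, recommend 2048-bit DH parameters", and use the name "Logjam" since that is what the section heading uses, so readers scanning the version history can find it.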
Line 878: Line 879:
Our guidelines maintain support for SSLv3 in the Old configuration only. This is required for clients on Windows XP service pack 1 & 2 that do not have support for TLSv1.0. Internet Explorer and Chrome on those platforms are impacted. Mozilla wants to be reachable from very old clients, to allow them to download a better browser. Therefore, we maintain SSLv3 compatibility on a limited number of sites. But all sites that do not need that level of compatibility are encouraged to implement the Intermediate configuration
Our guidelines maintain support for SSLv3 in the Old configuration only. This is required for clients on Windows XP service pack 1 & 2 that do not have support for TLSv1.0. Internet Explorer and Chrome on those platforms are impacted. Mozilla wants to be reachable from very old clients, to allow them to download a better browser. Therefore, we maintain SSLv3 compatibility on a limited number of sites. But all sites that do not need that level of compatibility are encouraged to implement the Intermediate configuration


=== Logjam attack ===
=== Logjam attack on weak Diffie-Hellman ===


The Logjam attack describes methods of attacking TLS servers supporting DHE export ciphers, and with weak (< 1024 bit) Diffie Hellman groups. Modern TLS servers should not include these configurations. The recommendations in this guide provide configurations that are not impacted by this.
The Logjam attack describes methods of attacking TLS servers supporting DHE export ciphers, and with weak (<= 1024 bit) Diffie Hellman groups. Modern TLS must use DH parameters of 2048 bits and above, or only use ECDHE. The modern configuration in this guide provide configurations that are not impacted by this issue. The intermediate and old configurations are impacted, and administrators are encourage to use DH parameters of 2048 bits wherever possible.


more: https://weakdh.org
more: https://weakdh.org
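Review bot: In the rewritten paragraph, "Modern TLS must use DH parameters of 2048 bits and above, or only use ECDHE" reads as a statement about the protocol rather than about server configuration; say "Modern TLS servers" or "the Modern configuration" so it lines up with the sentence that follows. The paragraph now states that the intermediate and old configurations are impacted, but "wherever possible" gives administrators no criterion: state what prevents those configurations from using 2048-bit parameters, and say that sites without that constraint should use 2048-bit parameters or ECDHE only. Two grammar fixes in the same lines: "The modern configuration in this guide provide configurations" should read "provides configurations" (or simply "is not impacted by this issue"), and "are encourage to use" should be "are encouraged to use". The heading writes "Diffie-Hellman" while the body writes "Diffie Hellman"; pick one spelling.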