Changes between Version 4 and Version 5 of Ticket #8061, comment 3


Timestamp:
07/11/14 12:50:18 (5 years ago)
Author:
belmyst
Comment:

Legend: lines marked [Removed] were in v4 only, lines marked [Added] are new in v5, unmarked lines are unmodified; "…" stands for unchanged lines the diff view omits.

Ticket #8061, comment 3, v4 → v5

[Removed] I've made this patch to include the above priority string.
[Removed] But according to [http://blog.lighttpd.net/gnutls-priority-strings.html], {{{+PFS:+NORMAL:%SSL3_RECORD_VERSION}}}
[Added] According to [http://blog.lighttpd.net/gnutls-priority-strings.html], {{{+PFS:+NORMAL:%SSL3_RECORD_VERSION}}}
includes several out of date or insecure ciphers:
{{{
…
TLS_RSA_WITH_RC4_128_MD5        RSA     ARCFOUR-128     MD5
}}}
[Removed] (To decide, I used
[Added] To decide, I used
* [https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy]
* [https://github.com/cloudflare/sslconfig/blob/master/conf]
…
* [https://blog.thijsalkema.de/me/blog//blog/2013/09/02/the-state-of-tls-on-xmpp-3/ ]
as guides.
[Removed] I've also excluded elliptic curves not used by e.g. Google Chrome and Firefox.)

[Removed] As a result, my priority string ended up being {{{+PFS:!3DES-CBC:!DHE-DSS:!CURVE-SECP192R1:!CURVE-SECP224R1:!MD5:+RSA:%SSL3_RECORD_VERSION}}}.
[Added] A previous version of my patch proposed {{{+PFS:!3DES-CBC:!DHE-DSS:!CURVE-SECP192R1:!CURVE-SECP224R1:!MD5:+RSA:%SSL3_RECORD_VERSION}}} as a fix, but this implies that GnuTLS 3.2.4 or higher is needed to compile (which is a no-no on e.g. Ubuntu 12.04 LTS).

[Removed] Regarding NSS, I've made a patch including roughly the same ciphersuites, and including the changes proposed for #15909.
[Added] I propose instead to use {{{SECURE128:-RSA:+RSA:!DHE-DSS:%SSL3_RECORD_VERSION}}}:
[Added] * It should not change version requirements, unlike PFS.
[Added] * It already kills 3-DES, RC4 and MD5 (as required by comment #2). Additionally, I killed DHE-DSS suites (does anyone use them?).
[Added] * The {{{-RSA:+RSA}}} forces non-PFS suites to the bottom.

[Added] Regarding NSS, I've made a patch including
[Added] * where possible, the same ciphersuites (based on GnuTLS's offered key exchanges, ciphers and hash algorithms).
[Added] * the changes proposed for #15909, enabling TLSv1.1 and higher.

It's my first patch here, so all and every comment is more than welcome :)

[Removed] EDIT: A previous version of this patch used the "NORMAL" priority component, meaning that RSA ciphersuites appeared before DHE-RSA. This was fixed by manually adding the RSA key exchange.

[Removed] EDIT 2: This patch also means that you need at least GnuTLS 3.2.4 to compile (due to the "PFS" priority string). I tested these patches with NSS 3.15.4 and GnuTLS 3.2.11.
[Added] I would particularly appreciate feedback on whether additional ciphers should (not) be included (especially RC4).
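As an added illustration (not code from the ticket, the patch or GnuTLS itself), the following Python models only the key-exchange ordering rules the comment relies on: a bare keyword sets the starting list, "+NAME" appends unless the name is already present (so "+RSA" alone is a no-op when RSA is already listed), "-NAME" and "!NAME" remove, and "%OPTION" entries are options rather than algorithms. The SECURE128 and PFS lists inside it are constructed for the demo and are assumptions, not GnuTLS's real definitions; tokens for ciphers, MACs and curves are ignored because the model tracks key exchange only. Running it shows why the comment's "-RSA:+RSA" trick is needed to push the non-PFS RSA suites to the bottom.

```python
"""Toy model of GnuTLS priority-string operators, restricted to key exchange.

Added illustration; not GnuTLS's own code.  Assumed rules:
  * a bare keyword (e.g. SECURE128) sets the starting list,
  * '+NAME' appends NAME unless it is already listed (then it is a no-op),
  * '-NAME' and '!NAME' both remove NAME,
  * '%OPTION' is a protocol option, not an algorithm.
The base lists below are CONSTRUCTED for the demo; they are not the real
SECURE128 / PFS definitions.
"""
from __future__ import annotations

from typing import Dict, List, Tuple

# Constructed key-exchange lists (assumption: real GnuTLS lists differ).
# RSA is deliberately not last in SECURE128, mirroring the comment's remark
# that RSA suites appeared before DHE-RSA with the NORMAL keyword.
BASE_KX: Dict[str, List[str]] = {
    "SECURE128": ["ECDHE-RSA", "RSA", "DHE-RSA", "DHE-DSS"],
    "PFS": ["ECDHE-RSA", "ECDHE-ECDSA", "DHE-RSA"],
}

# Key exchanges that give forward secrecy in this model.
PFS_PREFIXES = ("ECDHE-", "DHE-")


def resolve_kx(priority: str) -> Tuple[List[str], List[str]]:
    """Apply the toy rules and return (key-exchange order, options).

    Tokens naming things other than key exchanges (e.g. !3DES-CBC, !MD5,
    !CURVE-SECP192R1) simply have no effect on the list in this model.
    """
    kx: List[str] = []
    options: List[str] = []
    for token in priority.split(":"):
        if not token:
            continue
        if token[0] in "+-!%":
            op, name = token[0], token[1:]
        else:
            op, name = "", token
        if op == "%":
            options.append(name)
        elif op in ("-", "!"):
            kx = [k for k in kx if k != name]
        elif op == "+":
            # '+KEYWORD' appends a whole base list; '+ALGO' appends one entry.
            for entry in BASE_KX.get(name, [name]):
                if entry not in kx:
                    kx.append(entry)
        else:
            if name not in BASE_KX:
                raise ValueError(f"unknown base keyword: {name}")
            kx = list(BASE_KX[name])
    return kx, options


def non_pfs_last(kx: List[str]) -> bool:
    """True when every non-forward-secret key exchange follows all PFS ones."""
    seen_non_pfs = False
    for k in kx:
        if not k.startswith(PFS_PREFIXES):
            seen_non_pfs = True
        elif seen_non_pfs:
            return False
    return True


if __name__ == "__main__":
    cases = [
        ("old proposal", "+PFS:!3DES-CBC:!DHE-DSS:!CURVE-SECP192R1:"
                         "!CURVE-SECP224R1:!MD5:+RSA:%SSL3_RECORD_VERSION"),
        ("naive +RSA only", "SECURE128:+RSA"),
        ("new proposal", "SECURE128:-RSA:+RSA:!DHE-DSS:%SSL3_RECORD_VERSION"),
    ]
    for label, prio in cases:
        order, opts = resolve_kx(prio)
        print(f"{label:16} kx={order} options={opts} "
              f"non_pfs_last={non_pfs_last(order)}")
```

Under the constructed lists, "SECURE128:+RSA" leaves RSA in second place because the append is a no-op, while "SECURE128:-RSA:+RSA:!DHE-DSS" yields ECDHE-RSA, DHE-RSA, RSA with DHE-DSS gone, which is the ordering the comment is after.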