oss-sec mailing list archives
Re: openssl default ciphers
From: Daniel Kahn Gillmor <dkg () fifthhorseman net>
Date: Mon, 04 Nov 2013 12:36:16 -0500
On 11/04/2013 12:16 PM, Stefan Bühler wrote:
while working on the lighttpd SNI bug I realized that openssl defaults to a very bad set of ciphers. I also couldn't find a sane recommendation from upstream openssl to use as default, as "DEFAULT" obviously is not a good choice. (I also don't see any reason why "DEFAULT" includes export and "LOW" ciphers...) Is 'DEFAULT@STRENGTH:!LOW:!EXP' (should be similar to 'HIGH:MEDIUM:!aNULL') a reasonably default? I don't want to enforce PFS or break compatibility on purpose; so I think the default could be a little bit less "secure" than what I would actually recommend to use. So I'm not interested in how to get a super extra secure cipher set (there are many cipher strings in the wild by various folks for that), but more in a reasonable lower bound.
There is ongoing discussion on one of the major users of OpenSSL (apache) about what the defaults should be for that user:
https://issues.apache.org/bugzilla/show_bug.cgi?id=49559#c11 I agree that the OpenSSL defaults seem too lax. --dkg
Current thread:
- openssl default ciphers Stefan Bühler (Nov 04)
- Re: openssl default ciphers Daniel Kahn Gillmor (Nov 04)
- Re: openssl default ciphers Eric H. Christensen (Nov 04)
- Re: openssl default ciphers Hanno Böck (Nov 04)
- Re: openssl default ciphers Russ Allbery (Nov 04)
- Re: openssl default ciphers Stefan Bühler (Nov 04)
- Re: openssl default ciphers Mike (Nov 04)
- Re: openssl default ciphers Eric H. Christensen (Nov 04)
- Re: openssl default ciphers leToff (Nov 04)
- Re: openssl default ciphers Stefan Bühler (Nov 05)
- Re: openssl default ciphers Florian Weimer (Nov 05)