Re: openssl default ciphers

[Stefan Bühler <stbuehler () lighttpd net>]

On Mon, 4 Nov 2013 18:49:06 +0100
Hanno Böck <hanno () hboeck de> wrote:

> On Mon, 4 Nov 2013 18:16:30 +0100
> Stefan Bühler <stbuehler () lighttpd net> wrote:
>
> > Is 'DEFAULT@STRENGTH:!LOW:!EXP' (should
> > be similar to 'HIGH:MEDIUM:!aNULL') a reasonably default?
>
> SSLCipherSuite HIGH:!MEDIUM:!LOW:!aNULL@STRENGTH
> should be fine. There are basically near zero browsers out there that
> should have any problems with that. Even dinosaurs like IE6 can work
> with this, you don't need "medium" ciphers as long as you don't want
> to make a site accessible to browser museums.

There is no difference to HIGH:!aNULL on my system. I don't see why
HIGH:!MEDIUM:!LOW could be not equal to HIGH anyway...

> And looking at what medium includes that high doesn't, it seems you
> really don't want that ancient cipher suites:
> -DHE-RSA-SEED-SHA
> -DHE-DSS-SEED-SHA
> -SEED-SHA
> -IDEA-CBC-SHA
> -IDEA-CBC-MD5
> -RC2-CBC-MD5
> -ECDHE-RSA-RC4-SHA
> -ECDHE-ECDSA-RC4-SHA
> -ECDH-RSA-RC4-SHA
> -ECDH-ECDSA-RC4-SHA
> -RC4-SHA
> -RC4-MD5
> -RC4-MD5
> -PSK-RC4-SHA

This is not what I get for "MEDIUM" (debian testing); I see only SEED +
RC4; RC2 is an export cipher; wikipedia has some stuff on IDEA, and it
seems indeed "ancient". SEED might be more relevant (for Korea...), and
RC4 is having a big comeback due to the BEAST attack.

I think due to BEAST a default collection should include RC4; that is
why I included MEDIUM.

Attachment: signature.asc
Description: