Hi!

> >> $ openssl ciphers -v
> >> '-ALL:ECDH+aRSA+AES:DH+aRSA+AES:aRSA+kRSA+AES:+AES256' | cut -f1 -d" "
> >> ECDHE-RSA-AES128-GCM-SHA256
> >> ECDHE-RSA-AES128-SHA256
> >> ECDHE-RSA-AES128-SHA
> >> DHE-RSA-AES128-GCM-SHA256
> >> DHE-RSA-AES128-SHA256
> >> DHE-RSA-AES128-SHA
> >> AES128-GCM-SHA256
> >> AES128-SHA256
> >> AES128-SHA
> ---
> >> ECDHE-RSA-AES256-GCM-SHA384
> >> ECDHE-RSA-AES256-SHA384
> >> ECDHE-RSA-AES256-SHA
> >> DHE-RSA-AES256-GCM-SHA384
> >> DHE-RSA-AES256-SHA256
> >> DHE-RSA-AES256-SHA
> >> AES256-GCM-SHA384
> >> AES256-SHA256
> >> AES256-SHA
> > You do notice that you prefer non-ephemeral ciphers over ephemeral ones
> > here, right? As the fallback cipher you only ever need AES256-SHA and
> > nothing else to support legacy-old-really-old-legacy versions of openssl
> > at the very end of the cipher string.
>
> No, I don't like to prefer non-ephemeral Ciphers and I think this is
> not configured - let me explain:
> The choice which Cipher is picked is configured to be done by the Server.

Ok, the whole idea about letting the server choose the cipher is that
the choice is done once -- with the help of an appropriate cipher
string -- on the server side and enhances security for a plethora of
clients. If you decide to prefer AES128 over AES256 to let the client
choose you are doing it wrong:

1. You, in your role as a server admin, choose the level of security
   for your site and the level of secrecy of the content of your site.
2. Let the server choose to let the client choose sounds a little
   confused.

If you decide not to use AES256 or to prefer ECDHE this is fine for me,
just go ahead and deploy your own cipher string.

Supporting non-ephemeral ciphers is only ever required on certain
versions of openssl 0.9.8 that do not have any other cipher overlap. So
you only ever need AES256-SHA and nothing else. I am not even sure if we
could completely remove this cipher from the string since we deprecated
SSLv3 and WinXP, but I think some older versions of Apple Mail still
require that cipher to work.

In other words: you need not provide AES*GCM-SHA2 and AES*SHA2.

--
Adi
_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
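The ordering point raised in the mail above, as an added example that is not part of the original thread: it lists which non-ephemeral suites in the quoted output rank above an ephemeral one, then builds a list with AES256-SHA as the only fallback at the very end. The function names are hypothetical, and keeping the ephemeral suites in their existing order is an assumption of this sketch.

```shell
#!/bin/sh
# Added example. Cipher names below are copied, in order, from the quoted
# `openssl ciphers -v ... | cut -f1 -d" "` output in the thread.
quoted_order() {
cat <<'EOF'
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-RSA-AES256-SHA
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
EOF
}

# Assumption: pre-TLS-1.3 OpenSSL names; an ECDHE-/DHE-/EDH- prefix means an
# ephemeral key exchange, any other name is treated as non-ephemeral.
# Prints "position name" for every non-ephemeral suite ranked above an
# ephemeral one (names on stdin, one per line, in preference order).
static_before_ephemeral() {
  awk 'NF { n++; name[n] = $1; eph[n] = ($1 ~ /^(ECDHE|DHE|EDH)-/) }
       END {
         for (i = 1; i <= n; i++) if (eph[i]) last = i
         for (i = 1; i < last; i++) if (!eph[i]) print i, name[i]
       }'
}

# Keeps the ephemeral suites in their existing order and appends AES256-SHA,
# if it was in the input, as the only non-ephemeral fallback.
ephemeral_then_fallback() {
  awk 'NF { if ($1 ~ /^(ECDHE|DHE|EDH)-/) print $1
            else if ($1 == "AES256-SHA") fb = 1 }
       END { if (fb) print "AES256-SHA" }'
}

quoted_order | static_before_ephemeral
quoted_order | ephemeral_then_fallback | static_before_ephemeral
```

To check a live configuration, pipe the output of `openssl ciphers -v '<cipher string>' | cut -f1 -d" "` into `static_before_ephemeral` instead of the embedded list.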
