Hey, David.

First, don't worry: TLS cipher suites aren't sensitve, they are anyways
enumerable by any client using a web browser. Here are the cipher suites we
use on the web server that does TLS termination in front of our DSpace
server:

https://github.com/ilri/rmg-ansible-public/blob/master/group_vars/dspace#L22

Furthermore, those ciphers come straight from Mozilla's excellent TLS
Server Security wiki:

https://wiki.mozilla.org/Security/Server_Side_TLS

I'd recommend using the moderate TLS cipher suite from Mozilla's guide.
This should appease your security people.

Alan

On Wed, Jul 15, 2015 at 9:59 PM, Hilton Gibson <hilton.gib...@gmail.com>
wrote:

> Hi David,
>
> Perhaps this will help:
> http://wiki.lib.sun.ac.za/index.php/SUNScholar/Secure_Internet_Connections/S04#SSL_Ciphers_Notes
> :
>
> Cheers
>
> hg
>
> *Hilton Gibson*
> Ubuntu Linux Systems Administrator
> Stellenbosch University Library
> http://staff.lib.sun.ac.za/~hgibson/docs/cv/cv.html
>
>
> On 15 July 2015 at 20:54, Schuster, David <dschus...@mail.twu.edu> wrote:
>
>>  At the request of our University security team we added several new
>> ciphers to our Dspace Tomcat7 setup yesterday and now today I received a
>> notification that Google was not able to crawl our site.
>>
>>
>>
>> I don’t understand this part of security so are there any suggestions or
>> comments about this?  Should I remove them?  I hesitate to email the list
>> of ciphers we implemented as I don’t understand that part of networking.
>>
>>
>>
>> David Schuster
>>
>> Texas Woman's University
>>
>> Director of Library Information Technology & Technical Support
>>
>> Phone: 940-898-3909
>>
>> dschus...@twu.edu
>>
>> [image: emailsignature][image: Alma_Certified_Admin_Logo]
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Don't Limit Your Business. Reach for the Cloud.
>> GigeNET's Cloud Solutions provide you with the tools and support that
>> you need to offload your IT needs and focus on growing your business.
>> Configured For All Businesses. Start Your Cloud Today.
>> https://www.gigenetcloud.com/
>> _______________________________________________
>> DSpace-tech mailing list
>> DSpace-tech@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/dspace-tech
>> List Etiquette:
>> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>>
>
>
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> DSpace-tech mailing list
> DSpace-tech@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspace-tech
> List Etiquette:
> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>



-- 
Alan Orth
alan.o...@gmail.com
https://alaninkenya.org
https://mjanja.ch
"In heaven all the interesting people are missing." -Friedrich Nietzsche
GPG public key ID: 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette

Reply via email to