On 2/05/2014 11:49 PM, Salz, Rich wrote: >> Steve, have you considered trimming the DEFAULT cipher list? >> It's currently... >> #define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" >> I wonder how many of these ciphers are actually ever negotiated in >> real-world use. > I'm forwarding a bit of internal discussion; hope it's useful. This is from > one of our chief info-sec people:
A set of recommendations from the Mozilla team along with a write up of how to configure cipher suite selection in a range of servers is at: https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite The short form of their recommendation is: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256: DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256: ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384: ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256: DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA: DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA: AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK' Their rationale is described at https://wiki.mozilla.org/Security/Server_Side_TLS#Prioritization_logic and the cipher suite you select entirely depends on what your view point is on a range of issues. Discussions on what the "One True Ciphersuite List" should be tend to result in multiple correct answers. Placing a set of recommendations on the wiki (wiki.openssl.org) along with their rationale would be a good step to providing a selection of choices for OpenSSL users. Tim. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
