Dear OpenSSL Developers, I am somewhat involved with the BetterCrypto(.org) project that tries to provide the operations community with a BCP for daemon settings, references and other recommendations. We've discovered an inconsistency that could be called a flaw starting with OpenSSL 0.9.7m ending at 1.0.0a. My best guess is this is already known, but since I could not find an appropriate post to this ML I figured I should send notice anyway.
In particular, given our cipherstring recommendation we encounter that DHE and ECDHE based ciphersuites and their preference are neglected by these OpenSSL versions [0] - we are currently discussing updating our recommendation to an augmented version of this ciphersuite [1]. Can you confirm this is an issue in the OpenSSL codebase? Your release notes state "Various ciphersuite selection fixes." for 0.9.7l to 0.9.7m. And if so - what would be the next steps? I am aware that changing this behavior this might cause problems with legacy software. Here you can find a (scripted) comparison of a handshake negotiation for a given OpenSSL version (s_server & s_client): http://nopaste.narf.at/show/bY1GlbqLyNZhUO27MG5B/ Extending our cipherstring (to a somewhat insane length - that will cause software configuration problems in daemons - e.g. OpenVPN) yield the following result: http://nopaste.narf.at/show/p2uTJ8Gi7RGpBktp6nTr/ Thanks for your time, Aaron [0] https://github.com/puppetlabs/puppet/pull/2494#issuecomment-41350861 [1] http://lists.cert.at/pipermail/ach/2014-May/
signature.asc
Description: OpenPGP digital signature
