Re: [openssl-users] Which protocols should my client support?

2017-04-24 Thread Viktor Dukhovni 

> On Apr 24, 2017, at 4:04 PM, Salz, Rich via openssl-users 
>  wrote:
> 
>> My client is a custom application and as such only needs to communicate with 
>> specific servers for specific purposes.  I think it makes sense for my 
>> client to only support the specific protocol that my server will use, 
>> ECDHE-RSA-AES128-GCM-SHA256.  Does this sound reasonable or should I also 
>> include others as well?
> 
> I would suggest you include the three main ciphers defined in TLS 1.3, as 
> that represents the IETF's best thinking for now. AESGCM 128, 256 and 
> ChaCha-poly.

A clean way to get there without being too explicit is:

HIGH+kECDHE:!SHA:!COMPLEMENTOFDEFAULT 

With OpenSSL 1.1.0 this yields:

$ openssl ciphers -v 'HIGH+kECDHE:!aNULL:!SHA:!COMPLEMENTOFDEFAULT'
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) 
Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA  
Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) 
Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA  Enc=AES(128)  Mac=SHA256

With 1.0.2 you get:

$ openssl ciphers -v 'HIGH+kECDHE:!SHA:!COMPLEMENTOFDEFAULT'
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) 
Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) 
Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128)  Mac=SHA256

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Which protocols should my client support?

2017-04-24 Thread Salz, Rich via openssl-users 
> My client is a custom application and as such only needs to communicate with 
> specific servers for specific purposes.  I think it makes sense for my client 
> to only support the specific protocol that my server will use, 
> ECDHE-RSA-AES128-GCM-SHA256.  Does this sound reasonable or should I also 
> include others as well?

I would suggest you include the three main ciphers defined in TLS 1.3, as that 
represents the IETF's best thinking for now.  AESGCM 128, 256 and ChaCha-poly.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Which protocols should my client support?

2017-04-24 Thread Gaiseric Vandal 

AES256 ?  Maybe some of the stronger SHA algorithms?





On 04/24/17 13:42, Jeff Archer wrote:
I think this is a silly question but I still would like to get a 
knowledgeable and experienced confirmation of my thinking.


My client is a custom application and as such only needs to 
communicate with specific servers for specific purposes.  I think it 
makes sense for my client to only support the specific protocol that 
my server will use, ECDHE-RSA-AES128-GCM-SHA256.  Does this sound 
reasonable or should I also include others as well?


My thinking is that if the servers are changed one day, it would only 
be for increasing security and thus I will probably need to update to 
latest OpenSSL and so will be updating my app at this time anyway.  
Also, since they are my companies servers, I will be notified ahead of 
time that change is coming.


T
​hanks,
​
Jeff






-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Which protocols should my client support?

2017-04-24 Thread Jeff Archer 
I think this is a silly question but I still would like to get a
knowledgeable and experienced confirmation of my thinking.

My client is a custom application and as such only needs to communicate
with specific servers for specific purposes.  I think it makes sense for my
client to only support the specific protocol that my server will use,
ECDHE-RSA-AES128-GCM-SHA256.  Does this sound reasonable or should I also
include others as well?

My thinking is that if the servers are changed one day, it would only be
for increasing security and thus I will probably need to update to latest
OpenSSL and so will be updating my app at this time anyway.  Also, since
they are my companies servers, I will be notified ahead of time that change
is coming.

T
​hanks,
​
Jeff
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users