Hi Rich,
On 09.09.2014 00:42, Salz, Rich wrote:
We are considering removing weak cryptography from the value of
DEFAULT. That is, append :!LOW:!EXPORT
It is currently defined as this in include/openssl/ssl.h: #define
Please consider also adding !SSLv3 and !RC4 to this list.
My plan is to move RC4 and MD5 to LOW; see RT3518. As for SSLv3, the issue is
that you really mean the protocol, not the ciphers (there's overlap with SSL
and TLS), which is configured separately, and only via code. So I think I have
On Tue, Sep 09, 2014 at 11:02:45AM +0200, Benny Baumann wrote:
Please consider also adding !SSLv3 and !RC4 to this list.
No. That would be unwise at this time.
--
Viktor.
__
OpenSSL Project
Moving RC4 to LOW is also premature. It is already at the bottom of the
medium cipherlist, that should be enough.
I am planning on doing it for master, not 1.0.2. That means it won't be in an
official release until... what, at least six months.
On Tue, Sep 09, 2014 at 08:42:36AM -0400, Salz, Rich wrote:
Moving RC4 to LOW is also premature. It is already at the bottom of the
medium cipherlist, that should be enough.
I am planning on doing it for master, not 1.0.2. That means it
won't be in an official release until... what, at
Master has security levels, which still need some work, but are a less crude
mechanism for such tweaks. Disabling RC4 at security level 2 or some such is
better than incompatibly reclassifying it as LOW. We can discuss the details
later.
That should probably also be done. But things
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Tuesday, 09 September, 2014 09:01
To: openssl-users@openssl.org
Subject: Re: Value of DEFAULT cipher suite
On Tue, Sep 09, 2014 at 08:42:36AM -0400, Salz, Rich wrote:
On Tue, Sep 09, 2014 at 10:40:26AM -0400, Salz, Rich wrote:
That should probably also be done. But things like HIGH, LOW,
etc. are point-in-time statements, and raising the bar so that existing
applications just get more secure without having to change anything
is also worth doing.
This is
For what it's worth, I'm with Viktor on this. RC4 as cipher of last resort in
the default set is better than not having it there at all.
Take it up with the IETF which has two working groups advocating against it.
UTA (use of TLS in applications) and the TLS group itself:
Far more productive than disabling RC4 would be ensuring that it is not the
preferred cipher suite when better options are enabled.
I am not disabling RC4. I am saying that applications that want to use it
will, after the post-1.0.2 release is adopted, need to take pro-active action.
This
We disagree. I've got two IETF WGs coming to the same conclusion, so making
post-1.0.2 follow IETF practices seems pretty inarguable.
The IETF is sadly also prone to knee-jerk reactions.
True. Some would put perpass in that category.
--
Principal Security Engineer
Akamai Technologies,
Yes, I'm jumping the gun claiming that the I-Ds are standards. They're not.
They're just drafts.
I'm willing to wait and see what happens for a few months.
I can see RC4 going in the list of low security ciphers within a couple of
years anyways, so we can better discourage the usage right now.
2014-09-09 18:14 GMT+02:00 Salz, Rich rs...@akamai.com:
We disagree. I've got two IETF WGs coming to the same conclusion so
making post-1.0.2 follow IETF
On Tue, Sep 09, 2014 at 12:14:36PM -0400, Salz, Rich wrote:
We disagree. I've got two IETF WGs coming to the same conclusion,
so making post-1.0.2 follow IETF practices seems pretty inarguable.
The IETF is sadly also prone to knee-jerk reactions.
True. Some would put perpass in that
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Salz, Rich
Sent: Tuesday, 09 September, 2014 11:35
To: openssl-users@openssl.org
Subject: RE: Value of DEFAULT cipher suite
Far more productive than disabling RC4 would be ensuring
Folks who want strong BCP crypto can disable MEDIUM.
Folks who want weak non-BCP crypto can enable LOW.
I'm putting this on hold to see where we are 6-9 months from now.
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: rs...@jabber.me Twitter: RichSalz
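To see what the cipher-list strings argued over in this thread (DEFAULT with !LOW:!EXPORT, !RC4, !MEDIUM, and Viktor's @SECLEVEL=2 alternative) actually select on a given OpenSSL build, here is an added example that is not from the thread: it uses Python's ssl module, which hands the string to OpenSSL's own cipher-list parser (the same rules as SSL_CTX_set_cipher_list). The helper names are my own; the counts and bit strengths you see depend on the OpenSSL version Python is linked against.

```python
"""Inspect what an OpenSSL cipher-list string enables (added example)."""
import ssl


def enabled_ciphers(spec):
    """Return the TLS <= 1.2 ciphers OpenSSL selects for a cipher-list string.

    Returns an empty list when OpenSSL rejects the string because nothing
    is left ("No cipher can be selected"), e.g. 'DEFAULT:!ALL'.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:
        return []
    # OpenSSL 1.1.1+ always reports the TLS 1.3 suites, which are not
    # governed by this string, so drop them to compare like with like.
    return [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def weakest_bits(spec):
    """Smallest key strength (bits, as OpenSSL rates it) among enabled ciphers."""
    ciphers = enabled_ciphers(spec)
    return min(c["strength_bits"] for c in ciphers) if ciphers else 0


def mentions(spec, token):
    """True if any enabled cipher name contains token, e.g. 'RC4' or 'DES'."""
    return any(token in c["name"] for c in enabled_ciphers(spec))


def compare(specs):
    """Print a one-line summary per cipher-list string."""
    for spec in specs:
        ciphers = enabled_ciphers(spec)
        print(f"{spec:28s} {len(ciphers):3d} ciphers, "
              f"weakest {weakest_bits(spec)} bits, RC4={mentions(spec, 'RC4')}")


if __name__ == "__main__":
    compare([
        "DEFAULT",
        "DEFAULT:!LOW:!EXPORT",       # what the thread proposes for DEFAULT
        "DEFAULT:!LOW:!EXPORT:!RC4",  # Benny's request, RC4 gone as well
        "DEFAULT:!MEDIUM",            # "strong BCP crypto": disable MEDIUM
        "DEFAULT:@SECLEVEL=2",        # Viktor's alternative (OpenSSL 1.1.0+)
    ])
```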
On 09/09/2014 00:42, Salz, Rich wrote:
We are considering removing weak cryptography from the value of DEFAULT. That is, append
:!LOW:!EXPORT
It is currently defined as this in include/openssl/ssl.h:
#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
Please let us know if
In addition to removing the very-weak (less than 70 bits security) ciphers
from the default list, this would be a good opportunity to reorder the default
I'd prefer to wait until TLS 1.3 is implemented, which has some definite (and
rather strong :) feelings on the subject. Doing things like
On Tue, Sep 09, 2014 at 07:04:36PM +0200, Jakob Bohm wrote:
In addition to removing the very-weak (less than 70 bits security)
ciphers from the default list, this would be a good opportunity to
reorder the default list (either via the define, or better via whatever
internal priorities guide the
On 09/09/2014 19:20, Salz, Rich wrote:
In addition to removing the very-weak (less than 70 bits security) ciphers
from the default list, this would be a good opportunity to reorder the default
I'd prefer to wait until TLS 1.3 is implemented, which has some definite (and
rather strong :)
You really should look at the extensive research done by SSL Labs before
blindly deprecating stuff.
Sorry you think I'm doing that. I'm raising an issue six months before it will
affect people.
--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz
We are considering removing weak cryptography from the value of DEFAULT. That
is, append :!LOW:!EXPORT
It is currently defined as this in include/openssl/ssl.h:
#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
Please let us know if you have strong objections to this.
--