Am 08.11.2015 um 14:09 schrieb Adi Kriegisch: > or on pretty old openssl 0.9.8: > ECDHE-RSA-AES256-SHA > ECDHE-RSA-AES128-SHA > ECDH-RSA-AES256-SHA > ECDH-RSA-AES128-SHA > DHE-RSA-AES256-SHA > AES256-SHA > DHE-RSA-AES128-SHA > AES128-SHA
What 0.9.8 Version was capable of ECDH? Mine is not, and the docs tell me 0.9.8 doesn't know EC. > If you explicitly select included ciphers, '-ALL' isn't required. I know, but i like to include it to be sure and to make it clear what the assumption is. > am not sure if '+TLSv1' works everywhere but using '+SSLv3' does no harm: Thats true, but many people who just see the "+SSLv3" without knowing what it does think this cipher-String is weak because of including the Buzzword "SSLv3". let me sum up which requirements we considered so far: Which Ciphers should be included: 1. start with the Ciphers included in the Current CipherString-B, they are still sane 2. Camellia could be considered to be removed. 3. additional Ciphers could be include if they are sane 4. Ciphers which seem to be unnecessary (e.g. ECDHE with SHA1, Clients capable ECDH are all capable SHA2) could be removed Which Ciphers should be preferred: 5. Choose a PFS Cipher if Client/Server are able to 6. Prefer a modern GCM/SHA2 to SHA1 7. Performance: ECDHE could be prefered over DHE 8. Performance: AES128 could be prefered over AES256 How should the String-Building be done: 9. deactivating Ciphers in OpenSSL gives not predictable results in newer versions as newer ciphers will be added 10. Sorting by "+...." has to be done the least significant property first and the most significant property last 11. Keep the String short, simple, self-explaining, logical 12. Do not include unwanted Buzzwords like "+SSLv3" As Adi is unsure if using the "TLSv1" Keyword is supported well try another one: As there is really no need to support SHA1 with ECDH just remove it. When sorting push back SHA1 and the non-PFS kRSA. Then there is no need to push-back maybe unknown strings like "TLSv1" or use unwanted buzzwords like "SSLv3" and we get: $ openssl ciphers -v '-ALL:kEECDH+aRSA+AES:-SHA1:kEDH+aRSA+AES:aRSA+kRSA+AES:+AES256:+SHA1:+kRSA' | cut -f1 -d" " ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256 AES128-SHA AES256-SHA or on old 0.9.8 whithout SHA2 and EC Support this still results in: DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA AES256-SHA AES128-SHA _______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
