On Fri, Aug 26, 2016 at 12:34 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote:
>
> Exclusion lists are far preferable to allow lists. .conf files seem to
> persist for
> a decade and longer. There is no anticipating what will be added to the list
> of unwise ciphers a year from now, but that goes for an explicit list or for
> an
> exception list.
>
> Our how-to should illustrate that specific ciphers *can* be selected. But
> the
> specifics should be up to the underlying crypto support library. Users will
> keep their underlying crypto library more up-to-date than the httpd server
> in the majority of cases.
>
> SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
> SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
>
> are our current default config recommendations (and Tomcat's, FWIW).
We probably should use "DEFAULT:!MEDIUM:!LOW" (we already forcibly
exclude EXPORT in the code) instead of "HIGH:MEDIUM", that's supposed
to be up to date with security.
>
> Very shortly, !SHA1 is going to be added to that list. This ends at year end
> AIUI, and it becomes most difficult to obtain a commercial non-SHA256
> signed cert.
SHAx is used for MAC, and does have to match certificates signing.
If we exclude SHA1, we break clients capable of AES{128,256}-SHA (or
DHE-*-SHA, or 3DES-SHA) only, that's the same as providing a hardened
CipherSuite only.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org
For additional commands, e-mail: docs-h...@httpd.apache.org
