On Fri, Aug 26, 2016 at 12:56 AM, Yann Ylavic <ylavic....@gmail.com> wrote:
> On Fri, Aug 26, 2016 at 12:34 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote:
>>
>> Exclusion lists are far preferable to allow lists. .conf files seem to
>> persist for a decade and longer. There is no anticipating what will be
>> added to the list of unwise ciphers a year from now, but that goes for
>> an explicit list or for an exception list.
>>
>> Our how-to should illustrate that specific ciphers *can* be selected.
>> But the specifics should be up to the underlying crypto support library.
>> Users will keep their underlying crypto library more up-to-date than
>> the httpd server in the majority of cases.
>>
>> SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
>> SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
>>
>> are our current default config recommendations (and Tomcat's, FWIW).
>
> We probably should use "DEFAULT:!MEDIUM:!LOW" (we already forcibly
> exclude EXPORT in the code) instead of "HIGH:MEDIUM", that's supposed
> to be up to date with security.
>
>>
>> Very shortly, !SHA1 is going to be added to that list. This ends at year end
>> AIUI, and it becomes most difficult to obtain a commercial non-SHA256
>> signed cert.
>
> SHAx is used for MAC, and does have to match certificates signing.

... does *not* have to match...

> If we exclude SHA1, we break clients capable of AES{128,256}-SHA (or
> DHE-*-SHA, or 3DES-SHA) only, that's the same as providing a hardened
> CipherSuite only.
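
The point made in this thread, that !SHA1 acts on a suite's MAC and so removes the AES-SHA, DHE-*-SHA and 3DES-SHA suites, shown as an added example that is not part of the original messages. The sample lines are constructed in the format printed by `openssl ciphers -v`, and the function names and the `LEGACY_CLIENT` list are hypothetical.

```python
# Constructed sample: lines in the format printed by `openssl ciphers -v`
# (name, protocol, Kx=, Au=, Enc=, Mac=) for a few well-known suites.
SAMPLE = """\
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256     TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128)    Mac=SHA256
DHE-RSA-AES256-SHA          SSLv3   Kx=DH   Au=RSA Enc=AES(256)    Mac=SHA1
AES128-SHA                  SSLv3   Kx=RSA  Au=RSA Enc=AES(128)    Mac=SHA1
AES256-SHA                  SSLv3   Kx=RSA  Au=RSA Enc=AES(256)    Mac=SHA1
DES-CBC3-SHA                SSLv3   Kx=RSA  Au=RSA Enc=3DES(168)   Mac=SHA1
"""

def parse_suites(text):
    """Return {suite name: {'Kx': ..., 'Au': ..., 'Enc': ..., 'Mac': ...}}."""
    suites = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue  # skip blank or malformed lines
        suites[fields[0]] = dict(f.split("=", 1) for f in fields[2:] if "=" in f)
    return suites

def without_mac(suites, mac):
    """Model an exclusion on the Mac column, which is what !SHA1 selects on."""
    return {name: attrs for name, attrs in suites.items() if attrs.get("Mac") != mac}

def negotiable(server_suites, client_offer):
    """Suites both sides support, in the client's preference order."""
    return [name for name in client_offer if name in server_suites]

# Hypothetical legacy client that only offers the SHA-1-MAC suites
# named in the thread.
LEGACY_CLIENT = ["AES256-SHA", "AES128-SHA", "DHE-RSA-AES256-SHA", "DES-CBC3-SHA"]

if __name__ == "__main__":
    before = parse_suites(SAMPLE)
    after = without_mac(before, "SHA1")
    # Au= names the authentication key type; no column describes the hash
    # used to sign the certificate, so the filter says nothing about it.
    removed = sorted(before.keys() - after.keys())
    print("removed by Mac=SHA1 filter:", removed)
    print("Au of removed suites:", {before[n]["Au"] for n in removed})
    print("legacy client before:", negotiable(before, LEGACY_CLIENT))
    print("legacy client after: ", negotiable(after, LEGACY_CLIENT))
```
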