On 12/17/2013 10:37 AM, Werner Koch wrote:
> On Mon, 16 Dec 2013 21:35, d...@fifthhorseman.net said:
>
>> Werner, if i can help with configuring or maintaining the web server for
>> gnupg.org to address some of these issues, please let me know.
>
> Yes, I have problems to figure out a working cipher list which also
> allows for IE.  What DHE cipher suite may I use with IE given that I
> have only an RSA certificate?  Or should I simply give up on PFS for IE
> users?  The active ciphers are right now:
>
>   ECDHE-RSA-AES128-SHA  SSLv3  Kx=ECDH  Au=RSA  Enc=AES(128)  Mac=SHA1
>   DHE-RSA-AES128-SHA    SSLv3  Kx=DH    Au=RSA  Enc=AES(128)  Mac=SHA1
>   DHE-RSA-AES256-SHA    SSLv3  Kx=DH    Au=RSA  Enc=AES(256)  Mac=SHA1

I think it depends on what flavor of IE you're using (and what version
of the underlying OS you're using as well).  The version of schannel in
Windows XP doesn't support ECDHE (or AES(!)) at all, and i don't think
any version of schannel supports DHE-RSA if i'm reading these tech
reports correctly:

Cipher Suites in Schannel
http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757%28v=vs.85%29.aspx

Schannel Cipher Suites in Windows Vista:
http://msdn.microsoft.com/en-us/library/windows/desktop/ff468651%28v=vs.85%29.aspx

TLS Cipher Suites in Windows XP and Windows Server 2003:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa380512%28v=vs.85%29.aspx

Secure Sockets Layer Protocol (v2 and v3) in Windows XP and Windows Server 2003:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa380124%28v=vs.85%29.aspx

If you want to be able to support these systems, you may need to add a
low-priority "Lowest Common Denominator" ciphersuite to match them.
Sadly, that seems likely to be TLS_RSA_WITH_3DES_EDE_CBC_SHA, unless you
somehow can score a DSA certificate for the service as well (since
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA seems to be the only PFS ciphersuite
supported by XP's native TLS stack).

I've never even tried to get a DSA certificate for a web server from any
member of the CA cartel.  Have you?

If you want to discourage clients from picking the
lowest-common-denominator ciphersuite unless it's the only one they
support, you should probably set "SSLHonorCipherOrder 1" in your pound
configuration.

> p.s.
> Attached is my SSLNoCompression patch for Debian's pound in case
> someone is interested.

Thanks, i've forwarded that to http://bugs.debian.org/727197

Regards,

        --dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
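
The cipher-order point in the message above, as an added example that is not part of the original post: a small Python model of suite selection with and without server-order preference, using the three active suites plus the low-priority 3DES fallback. The client offer lists are constructed for illustration, and the OpenSSL-style names DES-CBC3-SHA and EDH-DSS-DES-CBC3-SHA are used here for the two 3DES suites named in the message.

```python
# Added example: models TLS cipher-suite selection only; no network I/O.
# Server list: the three suites from the thread plus the low-priority fallback.
SERVER_SUITES = [
    "ECDHE-RSA-AES128-SHA",
    "DHE-RSA-AES128-SHA",
    "DHE-RSA-AES256-SHA",
    "DES-CBC3-SHA",  # OpenSSL name for TLS_RSA_WITH_3DES_EDE_CBC_SHA
]

# Constructed client offers, in client preference order (assumptions).
CLIENTS = {
    # Per the thread: no ECDHE, no AES; its only PFS suite needs a DSA cert.
    "xp-schannel": ["DES-CBC3-SHA", "EDH-DSS-DES-CBC3-SHA"],
    # Hypothetical client that supports a PFS suite but lists 3DES first.
    "legacy-first": ["DES-CBC3-SHA", "DHE-RSA-AES128-SHA"],
    "modern": ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-SHA", "DES-CBC3-SHA"],
}

def is_pfs(suite):
    """Ephemeral (EC)DH key exchange is what provides forward secrecy."""
    return suite.startswith(("ECDHE-", "DHE-", "EDH-"))

def negotiate(client_offer, server_suites, honor_server_order):
    """Return the suite picked, or None when the two lists do not overlap."""
    if honor_server_order:
        preferred, other = server_suites, client_offer
    else:
        preferred, other = client_offer, server_suites
    for suite in preferred:
        if suite in other:
            return suite
    return None

def report(honor_server_order):
    """Map each sample client to (selected suite, forward secret?)."""
    out = {}
    for name, offer in CLIENTS.items():
        suite = negotiate(offer, SERVER_SUITES, honor_server_order)
        out[name] = (suite, suite is not None and is_pfs(suite))
    return out

if __name__ == "__main__":
    for honor in (False, True):
        print("honor server order =", honor)
        for name, (suite, pfs) in report(honor).items():
            print(f"  {name:13} -> {suite} (PFS: {pfs})")
```

With server order honored, only the client that has nothing better ends up on the 3DES fallback; without it, a client that merely lists 3DES first loses forward secrecy even though both sides support a DHE suite.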