Hello! On Mon, Aug 03, 2015 at 05:51:34PM +0100, Mike MacCana wrote:
> The current example value for ssl_ciphers in nginx (HIGH:!aNULL:!MD5) has a > number of security issues, including: > > - Weak DH key exchange / vulnerability to logjam attack This is not really related to the cipher suite used, but rather to the DH paramters used. We may consider removing default DH parameters from nginx code instead. > - Preferring AES-CBC instead of GCM, which causes an 'obsolete cipher > suite' message in recent versions of Chrome There is no preference enforced by nginx by default. > - 128 bit AES should be preferred over 192 and 256 bit AES considering > attacks that specifically affect the larger key sizes but do not affect AES > 128 As far as I undersand, this is about related-key attacks and doesn't really affect nginx operation. The "no preference" above also applies. Overral answer: No, thanks. And even if some of the over concens were valid, the answer would be the same. The default is kept good enough to be generally usable, and it doesn't try to account for any recent cryptographic findings, nor it tries to enforce any chipher preferences on server. This approach is believed to be better in a quickly changing world assuming the administrator is not tracking recent attacks and changes the configuration accordingly. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
