On Thu, Dec 12, 2013 at 09:18:03PM -0500, Peter Eisentraut wrote: > On Thu, 2013-12-12 at 12:30 +0200, Marko Kreen wrote: > > First, if there is explicit wish to keep RC4/SEED in play, I'm fine > > with "HIGH:MEDIUM:!aNULL" as new default. Clarity-wise, it's still > > much better than current value. And this value will result *exactly* > > same list in same order as current value. > > If we have to make a change, I'd go for that, but I'm not convinced that > this is necessarily clearer.
Yeah, the clarity argument is getting thinner... And my latest patch was for HIGH:MEDIUM:+3DES:!aNULL. I still think it's better to have positive statements there - "gimme this and that" - instad badly-named 'DEFAULT' and then lot's of negatives applied to it. But it's not that straightforward anymore - the "+3DES" breaks the "leave everything to OpenSSL" angle. But we do need to change default suite list to have one that works well with prefer-server-ciphers option, which means it should contain at least the +3DES workaround. Client that don't want AES256 are reasonable as AES256 does not have any practical advantages over AES128. I don't think just reverting the default is good idea - we should then add documentation to option that "if you flip this, add such fixes to cipher list". Which seems silly. And not documenting anything and just leaving matters to admins seems bad idea too - they are not in better position to do such research than we are now. So I think we can pick good default, now, and everybody will benefit. For fun, how to go overboard on the issue - Mozilla recommendations for TLS setup on their infrastructure: https://wiki.mozilla.org/Security/Server_Side_TLS It also discusses various issues with TLS, so it's good read. -- marko -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers