Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
On Thursday, 19 July 2018 00:12:55 CEST Michael Wojcik wrote: > > From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > > Of Ryan Beethe > > Sent: Wednesday, July 18, 2018 14:25 > > > > For a safe client application, should you explicitly set the cipher list > > explicitly, rather than trust the default cipher list that comes from > > the package manager's libssl? > > I don't think there's a definitive answer. It will depend on how well that > OpenSSL package is maintained and how often the system administrator (who > may just be Joe End User) updates it, the criteria used by the developer to > set the cipher list, and so on. > > That said, I'll always prefer software that has a configurable cipher list > with a decent default. If the software uses an OpenSSL provided by the OS > manufacturer or some third party, and that OpenSSL comes with its own > default cipher suite list, as in the Fedora case, then making the > application's default "use the OpenSSL package's default" might well be > acceptable. But as I user and system administrator, I always want the > freedom to override it. and the idea of providing that was exactly to allow this, as not all applications provide necessary configuration options, so without the system policy you have no way of overriding openssl defaults at all yes, it's system-wide, but applications are explicitly allowed to override the policy, and if you really need to communicate with old software or hardware, there is LEGACY policy provided for this > The OpenSSL-consuming software I work on all uses our own OpenSSL builds - > we don't use the OS-supplied one, if there is one - so this isn't an issue > I have to deal with professionally. But we do make the cipher-suite list > configurable, with a default that tries to strike a reasonable compromise > between strength and compatibility. yes, for people that manage this stuff themselves, and spend a lot of time thinking and making decisions about their TLS settings, regularly updating it, this may feel intrusive but please remember, this is not the typical user behaviour -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic signature.asc Description: This is a digitally signed message part. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
On Wed, Jul 18, 2018 at 03:24:31PM -0500, Ryan Beethe wrote: > For a safe client application, should you explicitly set the cipher list > explicitly, rather than trust the default cipher list that comes from > the package manager's libssl? I would say that the answer to that depends on another question: do you regularly review the package manager's default cipher list, and have reason to trust it? -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Ryan Beethe > Sent: Wednesday, July 18, 2018 14:25 > > For a safe client application, should you explicitly set the cipher list > explicitly, rather than trust the default cipher list that comes from > the package manager's libssl? I don't think there's a definitive answer. It will depend on how well that OpenSSL package is maintained and how often the system administrator (who may just be Joe End User) updates it, the criteria used by the developer to set the cipher list, and so on. That said, I'll always prefer software that has a configurable cipher list with a decent default. If the software uses an OpenSSL provided by the OS manufacturer or some third party, and that OpenSSL comes with its own default cipher suite list, as in the Fedora case, then making the application's default "use the OpenSSL package's default" might well be acceptable. But as I user and system administrator, I always want the freedom to override it. The OpenSSL-consuming software I work on all uses our own OpenSSL builds - we don't use the OS-supplied one, if there is one - so this isn't an issue I have to deal with professionally. But we do make the cipher-suite list configurable, with a default that tries to strike a reasonable compromise between strength and compatibility. -- Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
> Offhand, I'm not aware of other OSes that distribute implementations > of OpenSSL that require platform-specific cipher-list settings. Ok, that is very helpful to know > This strikes me as a Really Bad Idea on the part of the Fedora > developers While it is a pain to have to have to have a Fedora-specific patch, I am not sure I understand why this is a bad idea? (Server applications like Apache do not fall under that guideline.) As a consumer of applications that use OpenSSL, I think I would prefer that an up-to-date list of acceptable ciphers is kept by the same folks who keep my libssl.so up-to-date, rather than depending on the developer of each individual application to keep their code in step with current security news. > I recommend Ivan Ristic's /Bulletproof TLS/ e-book I have been meaning to buy this book for a long time, so I finally did. Skimming through it, it looks excellent. I will also take another look at Mozilla's list (as mentioned by Daurnimator), and compare it to the suggestions in "Bulletproof TLS". I have been using the Mozilla list for server-side things, so I suppose it make sense to use it on the client side as well. But I still have one question, which I don't see answered explicitly anywhere: For a safe client application, should you explicitly set the cipher list explicitly, rather than trust the default cipher list that comes from the package manager's libssl? (obviously this question would not apply to operating systems which which don't distribute OpenSSL, or to Fedora) Thanks, Ryan -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Ryan Beethe > Sent: Tuesday, July 17, 2018 16:37 > > However, I realized that Fedora's packaging standards [1] require me to > elminate this line or use the special value "PROFILE=SYSTEM" for > CIPHERS. > > So that makes me nervous about whether or not I am using > SSL_CTX_set_cipher_list() wrong. Should I be calling it at all? I recommend you make it configurable. > And if > so, where would I find the "right" setting for other operating systems, > since "PROFILE=SYSTEM" appears to be Fedora-specific? Offhand, I'm not aware of other OSes that distribute implementations of OpenSSL that require platform-specific cipher-list settings. This strikes me as a Really Bad Idea on the part of the Fedora developers, but these days I'm not surprised by anything that comes out of the Red Hat organization. Personally, I'd be tempted to drop Fedora from my list of supported platforms, or to ignore their "packaging standards". I have little tolerance for this sort of nonsense. But if you want to accommodate them, put the cipher list in a configuration file, and set it to "PROFILE=SYSTEM" for Fedora and a proper suite list for everything else. That also gives your customers the flexibility to change the list if they have good reason, or if they just enjoy making poor decisions. I recommend Ivan Ristic's /Bulletproof TLS/ e-book (or the /OpenSSL Cookbook/ free excerpt, if you can't afford the full book) for cipher-suite recommendations, and much more besides. It's available from the Feisty Duck website. -- Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
On 18 July 2018 at 08:36, Ryan Beethe wrote: > So that makes me nervous about whether or not I am using > SSL_CTX_set_cipher_list() wrong. Should I be calling it at all? And if > so, where would I find the "right" setting for other operating systems, > since "PROFILE=SYSTEM" appears to be Fedora-specific? Mozilla maintain a recommended cipher list. See https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Appropriate use of SSL_CTX_set_cipher_list()
I am writing a cross-platform C application, which I would like to release for a variety of operating systems (Windows 7+, MacOS HighSierra, Debian 8+, Ubuntu 14.04+, Fedora 27+, Centos 7+, ArchLinux, at least for now). Up to now, I have had a line of code which prepares an SSL_CTX object like something like this: SSL_CTX_set_cipher_list(ctx->ctx, CIPHERS); where `CIPHERS` was set to "HIGH:MED:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4". However, I realized that Fedora's packaging standards [1] require me to elminate this line or use the special value "PROFILE=SYSTEM" for CIPHERS. So that makes me nervous about whether or not I am using SSL_CTX_set_cipher_list() wrong. Should I be calling it at all? And if so, where would I find the "right" setting for other operating systems, since "PROFILE=SYSTEM" appears to be Fedora-specific? Ryan [1] https://fedoraproject.org/wiki/Packaging:CryptoPolicies -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
