Re: [HACKERS] SSL: better default ciphersuite

2014-02-24 Thread Peter Eisentraut
committed -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] SSL: better default ciphersuite

2014-02-23 Thread Marko Kreen
On Sat, Feb 22, 2014 at 08:31:14PM -0500, Peter Eisentraut wrote: On 2/2/14, 7:16 AM, Marko Kreen wrote: On Thu, Dec 12, 2013 at 04:32:07PM +0200, Marko Kreen wrote: Attached patch changes default ciphersuite to HIGH:MEDIUM:+3DES:!aNULL and also adds documentation about reasoning for it.

Re: [HACKERS] SSL: better default ciphersuite

2014-02-22 Thread Peter Eisentraut
On 2/2/14, 7:16 AM, Marko Kreen wrote: On Thu, Dec 12, 2013 at 04:32:07PM +0200, Marko Kreen wrote: Attached patch changes default ciphersuite to HIGH:MEDIUM:+3DES:!aNULL and also adds documentation about reasoning for it. This is the last pending SSL cleanup related patch:

Re: [HACKERS] SSL: better default ciphersuite

2014-02-02 Thread Marko Kreen
On Thu, Dec 12, 2013 at 04:32:07PM +0200, Marko Kreen wrote: Attached patch changes default ciphersuite to HIGH:MEDIUM:+3DES:!aNULL and also adds documentation about reasoning for it. This is the last pending SSL cleanup related patch:

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Robert Haas
On Sun, Dec 15, 2013 at 5:10 PM, James Cloos cl...@jhcloos.com wrote: For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently suggested suite for TLS servers. ... But for pgsql, I'd leave off the !PSK; pre-shared keys may prove useful for some. And RC4,

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Bruce Momjian
On Tue, Dec 17, 2013 at 09:51:30AM -0500, Robert Haas wrote: On Sun, Dec 15, 2013 at 5:10 PM, James Cloos cl...@jhcloos.com wrote: For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently suggested suite for TLS servers. ... But for pgsql, I'd leave

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Adrian Klaver
On 12/17/2013 08:26 AM, Bruce Momjian wrote: On Tue, Dec 17, 2013 at 09:51:30AM -0500, Robert Haas wrote: On Sun, Dec 15, 2013 at 5:10 PM, James Cloos cl...@jhcloos.com wrote: For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently suggested suite for TLS

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Marko Kreen
On Tue, Dec 17, 2013 at 11:26:13AM -0500, Bruce Momjian wrote: On Tue, Dec 17, 2013 at 09:51:30AM -0500, Robert Haas wrote: I'm starting to think we should just leave this well enough alone. We can't seem to find two people with the same idea of what would be better than what we have now.

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Gavin Flower
On 18/12/13 05:26, Bruce Momjian wrote: On Tue, Dec 17, 2013 at 09:51:30AM -0500, Robert Haas wrote: On Sun, Dec 15, 2013 at 5:10 PM, James Cloos cl...@jhcloos.com wrote: For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently suggested suite for TLS

Re: [HACKERS] SSL: better default ciphersuite

2013-12-17 Thread Marko Kreen
On Sun, Dec 15, 2013 at 05:10:38PM -0500, James Cloos wrote: MK == Marko Kreen mark...@gmail.com writes: PE == Peter Eisentraut pete...@gmx.net writes: PE Any other opinions on this out there? For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently

Re: [HACKERS] SSL: better default ciphersuite

2013-12-15 Thread James Cloos
MK == Marko Kreen mark...@gmail.com writes: PE == Peter Eisentraut pete...@gmx.net writes: MK Well, we should - the DEFAULT is clearly a client-side default MK for compatibility only. No server should ever run with it. PE Any other opinions on this out there? For reference, see:

Re: [HACKERS] SSL: better default ciphersuite

2013-12-13 Thread Marko Kreen
On Thu, Dec 12, 2013 at 09:18:03PM -0500, Peter Eisentraut wrote: On Thu, 2013-12-12 at 12:30 +0200, Marko Kreen wrote: First, if there is explicit wish to keep RC4/SEED in play, I'm fine with HIGH:MEDIUM:!aNULL as new default. Clarity-wise, it's still much better than current value. And

Re: [HACKERS] SSL: better default ciphersuite

2013-12-12 Thread Marko Kreen
On Wed, Dec 11, 2013 at 10:08:44PM -0500, Tom Lane wrote: Peter Eisentraut pete...@gmx.net writes: Any other opinions on this out there? All instances of other SSL-enabled servers out there, except nginx, default to some variant of DEFAULT:!LOW:... or HIGH:MEDIUM: The proposal here is

Re: [HACKERS] SSL: better default ciphersuite

2013-12-12 Thread Magnus Hagander
On Thu, Dec 12, 2013 at 11:30 AM, Marko Kreen mark...@gmail.com wrote: On Wed, Dec 11, 2013 at 10:08:44PM -0500, Tom Lane wrote: Peter Eisentraut pete...@gmx.net writes: Any other opinions on this out there? All instances of other SSL-enabled servers out there, except nginx, default to

Re: [HACKERS] SSL: better default ciphersuite

2013-12-12 Thread Marko Kreen
On Thu, Dec 12, 2013 at 01:33:57PM +0100, Magnus Hagander wrote: On Thu, Dec 12, 2013 at 11:30 AM, Marko Kreen mark...@gmail.com wrote: On Wed, Dec 11, 2013 at 10:08:44PM -0500, Tom Lane wrote: I know that SChannel SSL library in Windows XP (and earlier) is such RC4+3DES only

Re: [HACKERS] SSL: better default ciphersuite

2013-12-12 Thread Peter Eisentraut
On Thu, 2013-12-12 at 12:30 +0200, Marko Kreen wrote: First, if there is explicit wish to keep RC4/SEED in play, I'm fine with HIGH:MEDIUM:!aNULL as new default. Clarity-wise, it's still much better than current value. And this value will result *exactly* same list in same order as current

Re: [HACKERS] SSL: better default ciphersuite

2013-12-11 Thread Peter Eisentraut
On Fri, 2013-11-29 at 18:43 +0200, Marko Kreen wrote: Well, we should - the DEFAULT is clearly a client-side default for compatibility only. No server should ever run with it. Any other opinions on this out there? All instances of other SSL-enabled servers out there, except nginx, default to

Re: [HACKERS] SSL: better default ciphersuite

2013-12-11 Thread Tom Lane
Peter Eisentraut pete...@gmx.net writes: Any other opinions on this out there? All instances of other SSL-enabled servers out there, except nginx, default to some variant of DEFAULT:!LOW:... or HIGH:MEDIUM: The proposal here is essentially to disable MEDIUM ciphers by default, which is

Re: [HACKERS] SSL: better default ciphersuite

2013-11-29 Thread Peter Eisentraut
On Fri, 2013-11-15 at 01:11 +0200, Marko Kreen wrote: Attached patch changes the default ciphersuite to HIGH:!aNULL instead of old DEFAULT:!LOW:!EXP:!MD5:@STRENGTH where DEFAULT is a shortcut for ALL:!aNULL:!eNULL. Main goal is to leave low-level ciphersuite details to

Re: [HACKERS] SSL: better default ciphersuite

2013-11-29 Thread Marko Kreen
On Fri, Nov 29, 2013 at 09:18:49AM -0500, Peter Eisentraut wrote: On Fri, 2013-11-15 at 01:11 +0200, Marko Kreen wrote: Attached patch changes the default ciphersuite to HIGH:!aNULL instead of old DEFAULT:!LOW:!EXP:!MD5:@STRENGTH where DEFAULT is a shortcut for