Hi,
On Sat, Dec 7, 2013 at 3:01 PM, Tobias Gondrom <[email protected]> wrote:

> Hi Ralf,
>
> trying to understand what functionality you are seeking.
> Should this be:
> a) only a pinned "announcement" of the supported cipher suites on the
> server or
> b) "enforced" on the server?
>

That is open for discussion. My personal preference is that server announces a set of 'STRONG' ciphers to the client. The client will fail to connect on future connections if none of the announced ciphers is no longer available (downgrade attack under way).

>
> In case of b) would this mean that the server fails any insecure cipher
> connection attempts.
>
> Best regards, Tobias
>
>
> Ps.: btw. on a personal note: I found that the underlying paradigm we had
> in browser web servers of "weak encryption would be better than no
> encryption" from back in the day of weak algorithms due to export
> regulations in the US is part of or even the root of the problem. IMHO this
> allows the downgrading attacks. In my view we should on server side shift
> to a paradigm of "either strong encryption or no encryption at all".
>

I'm with you on this one. The big corporates who value their customers (including the 5% still using SSLv2/v3) are not. Currently the 95% of users are taking a security hit to let the 5% of all users still connect to the websites. It will be like this for the foreseeable future :/

regards,
ralf
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
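
The client-side behaviour preferred in the reply above (remember the announced strong suites, refuse later connections that fall outside them), as an added example that is not part of the original thread or of any draft. `CipherPinStore`, its methods, the host name and the sample suite lists are hypothetical, and the rule for when an announcement is accepted is an assumption.

```python
"""Client-side cipher-suite pin store (added illustration, hypothetical names)."""

class DowngradeSuspected(Exception):
    """No pinned suite can be used for a host that previously announced some."""

class CipherPinStore:
    def __init__(self):
        self._pins = {}  # host -> frozenset of suite names announced as strong

    def suites_to_offer(self, host, client_supported):
        """Suites the client may offer to host, in the client's preference order."""
        pinned = self._pins.get(host)
        if pinned is None:
            return list(client_supported)  # first contact: nothing pinned yet
        allowed = [s for s in client_supported if s in pinned]
        if not allowed:
            raise DowngradeSuspected(f"{host}: no pinned suite supported locally")
        return allowed

    def handshake_done(self, host, negotiated, announced=None):
        """Check the negotiated suite against the pin, then store an announcement."""
        pinned = self._pins.get(host)
        if pinned is not None and negotiated not in pinned:
            raise DowngradeSuspected(f"{host}: negotiated {negotiated}, not pinned")
        # Assumption: an announcement is only trusted when it arrived over a
        # suite that it lists itself, so a weak session cannot set the pin.
        if announced and negotiated in announced:
            self._pins[host] = frozenset(announced)

# Constructed sample data: two strong suites and one export-grade suite.
STRONG = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
          "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"]
WEAK = "TLS_RSA_EXPORT_WITH_RC4_40_MD5"

def demo():
    store, host, client = CipherPinStore(), "www.example.org", STRONG + [WEAK]
    first_offer = store.suites_to_offer(host, client)   # unpinned: offer all
    store.handshake_done(host, STRONG[0], announced=STRONG)
    later_offer = store.suites_to_offer(host, client)   # pinned: strong only
    try:
        store.handshake_done(host, WEAK)                # forced onto a weak suite
        blocked = False
    except DowngradeSuspected:
        blocked = True
    return first_offer, later_offer, blocked

if __name__ == "__main__":
    print(demo())
```

A client that filters its offer through `suites_to_offer` never proposes the weak suite to a pinned host in the first place; the check in `handshake_done` covers the case where the negotiated result still falls outside the pin.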
