Re: SSL: better default ciphersuite
| От | James Cloos |
|---|---|
| Тема | Re: SSL: better default ciphersuite |
| Дата | |
| Msg-id | m3lhzlsr2g.fsf@carbon.jhcloos.org обсуждение исходный текст |
| Ответ на | Re: SSL: better default ciphersuite (Peter Eisentraut <peter_e@gmx.net>) |
| Ответы |
Re: SSL: better default ciphersuite
Re: SSL: better default ciphersuite |
| Список | pgsql-hackers |
>>>>> "MK" == Marko Kreen <markokr@gmail.com> writes: >>>>> "PE" == Peter Eisentraut <peter_e@gmx.net> writes: MK>> Well, we should - the DEFAULT is clearly a client-side default MK>> for compatibility only. No server should ever run with it. PE> Any other opinions on this out there? For reference, see: https://wiki.mozilla.org/Security/Server_Side_TLS for the currently suggested suite for TLS servers. That is: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384: DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM: ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA: ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384: ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256: DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256: DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256: AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA: AES128:AES256:RC4-SHA:HIGH: !aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK The page explains why. But for pgsql, I'd leave off the !PSK; pre-shared keys may prove useful for some. And RC4, perhaps, also should be !ed. And if anyone wants Kerberos tls-authentication, one could add KRB5-DES-CBC3-SHA, but that is ssl3-only. Once salsa20-poly1305 lands in openssl, that should be added to the start of the list. -JimC -- James Cloos <cloos@jhcloos.com> OpenPGP: 1024D/ED7DAEA6
В списке pgsql-hackers по дате отправления: