[Ach] Microsoft IIS Test Lab
Andreas Mirbach
a.mirbach at me.com
Mon Feb 3 13:58:51 CET 2014
Hi everyone,
right now I'm building a lab environment to test the BetterCrypto configuration B.
I found that Mircosoft does not support all ciphers e.g Camelia.
In the following msdn article you can see the supported ciphers.
http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx
So here is, what i think, comes close to our prefered configuration.
+TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
+TLS_RSA_WITH_AES_256_CBC_SHA256
+TLS_RSA_WITH_AES_256_CBC_SHA
+TLS_RSA_WITH_AES_128_CBC_SHA256
+TLS_RSA_WITH_AES_128_CBC_SHA
-TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
-TLS_DHE_DSS_WITH_AES_128_CBC_SHA
-TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
-TLS_DHE_DSS_WITH_AES_256_CBC_SHA
-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
-TLS_RSA_WITH_RC4_128_MD5
-SSL_CK_RC4_128_WITH_MD5
-SSL_CK_DES_192_EDE3_CBC_WITH_MD5
-TLS_RSA_WITH_NULL_SHA256
-TLS_RSA_WITH_NULL_SHA
-TLS_RSA_WITH_RC4_128_SHA
-TLS_RSA_WITH_3DES_EDE_CBC_SHA
Please give me your feedback to confirm the configuration.
Mit freundlichen Grüßen
Andreas Mirbach
Zum Römersprudel 101
54294 Trier
+49 160 94980084
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140203/6e610bd2/attachment.html>
More information about the Ach
mailing list