[Ach] Cipher-Order: AES128/AES256 - was: Secure E-Mail Transport based on DNSSec/TLSA/DANE
gh.bettercrypto at hitco.at
Sun Nov 8 15:13:27 CET 2015
On 08.11.2015 at 14:09, Adi Kriegisch wrote:
> or on pretty old openssl 0.9.8:
What 0.9.8 Version was capable of ECDH? Mine is not, and the docs tell
me 0.9.8 doesn't know EC.
> If you explicitly select included ciphers, '-ALL' isn't required.
I know, but I like to include it to be sure and to make it clear what
the assumption is.
> am not sure if '+TLSv1' works everywhere but using '+SSLv3' does no harm:
That's true, but many people who just see the "+SSLv3" without knowing
what it does think this cipher-String is weak because of including the
Let me sum up which requirements we considered so far:
Which Ciphers should be included:
1. start with the Ciphers included in the Current CipherString-B, they
are still sane
2. Camellia could be considered to be removed.
3. additional Ciphers could be included if they are sane
4. Ciphers which seem to be unnecessary (e.g. ECDHE with SHA1, Clients
capable of ECDH are all capable of SHA2) could be removed
Which Ciphers should be preferred:
5. Choose a PFS Cipher if Client/Server are able to
6. Prefer a modern GCM/SHA2 to SHA1
7. Performance: ECDHE could be preferred over DHE
8. Performance: AES128 could be preferred over AES256
How should the String-Building be done:
9. deactivating Ciphers in OpenSSL does not give predictable results in
newer versions as newer ciphers will be added
10. Sorting by "+...." has to be done the least significant property
first and the most significant property last
11. Keep the String short, simple, self-explaining, logical
12. Do not include unwanted Buzzwords like "+SSLv3"
As Adi is unsure if using the "TLSv1" Keyword is supported well try
As there is really no need to support SHA1 with ECDH just remove it.
When sorting push back SHA1 and the non-PFS kRSA. Then there is no need
to push-back maybe unknown strings like "TLSv1" or use unwanted
buzzwords like "SSLv3" and we get:
$ openssl ciphers -v
| cut -f1 -d" "
or on old 0.9.8 without SHA2 and EC Support this still results in:
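Added example, not part of the original message and not OpenSSL code: a small Python model of requirement 10, showing why the "+" push-backs must be applied least significant property first. It assumes "+" moves matching ciphers to the end of the list while keeping their relative order (as ciphers(1) describes), that the priority is PFS, then non-SHA1, then ECDHE, then AES128, and it uses a constructed, deliberately unordered cipher list; it does not reproduce the cipher string proposed in the mail.

```python
# Constructed cipher set (real OpenSSL names, listed in no useful order).
CIPHERS = [
    "AES256-SHA", "DHE-RSA-AES256-SHA", "ECDHE-RSA-AES256-GCM-SHA384",
    "AES128-GCM-SHA256", "DHE-RSA-AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256",
    "AES128-SHA", "DHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-SHA384",
    "DHE-RSA-AES128-GCM-SHA256", "AES256-GCM-SHA384", "ECDHE-RSA-AES128-SHA256",
]

# Properties that get pushed back; the comments name the matching
# OpenSSL keywords (illustrative mapping for this model).
def is_krsa(c):   return not c.startswith(("ECDHE-", "DHE-"))  # kRSA, no PFS
def is_sha1(c):   return c.endswith("-SHA")                    # SHA1
def is_dhe(c):    return c.startswith("DHE-")                  # kEDH
def is_aes256(c): return "AES256" in c                         # AES256

# Assumed priority, most significant property first (requirements 5 to 8).
PRIORITY = [is_krsa, is_sha1, is_dhe, is_aes256]

def push_back(ciphers, matches):
    """Model of '+KEYWORD': move matching ciphers to the end, order preserved."""
    return ([c for c in ciphers if not matches(c)] +
            [c for c in ciphers if matches(c)])

def build(ciphers, passes):
    """Apply a sequence of push-backs, like ':+A:+B:+C' in a cipher string."""
    for matches in passes:
        ciphers = push_back(ciphers, matches)
    return ciphers

def rank(c):
    """Sort key: False (preferred) sorts before True (pushed back)."""
    return tuple(p(c) for p in PRIORITY)

def is_ordered(ciphers):
    ranks = [rank(c) for c in ciphers]
    return ranks == sorted(ranks)

# Least significant first: +AES256, +kEDH, +SHA1, +kRSA (works like a radix sort).
GOOD = build(CIPHERS, reversed(PRIORITY))
# Most significant first: the last push-back (+AES256) dominates the result.
BAD = build(CIPHERS, PRIORITY)

if __name__ == "__main__":
    print("least significant first:", *GOOD, sep="\n  ")
    print("most significant first: ", *BAD, sep="\n  ")
    print("GOOD ordered:", is_ordered(GOOD), "| BAD ordered:", is_ordered(BAD))
```

In the wrong order, the non-PFS SHA1 cipher AES128-SHA ends up ahead of ECDHE-RSA-AES256-GCM-SHA384, because the final push-back on key size overrides everything applied before it.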