[Ach] Cipher-Order: AES128/AES256 - was: Secure E-Mail Transport based on DNSSec/TLSA/DANE

Gunnar Haslinger gh.bettercrypto at hitco.at
Sun Nov 8 13:56:27 CET 2015


Am 08.11.2015 um 12:48 schrieb Adi Kriegisch:
> The other way around: you *only* need SHA1 support. All newer
> implementations are well aware of ECDHE and DHE and thus will choose
> ephemeral ciphers anyways.

Ah - OK, sorry I just misunderstood your former mail.

> Actually I wouldn't do that too: now you have first ECDHE TLSv1.2-TLSv1.0
> and then DHE TLSv1.2-TLSv1.0. I'd very much recommend to prefer TLS1.2 over
> all TLSv1.0 ciphers, no matter if they are ECDHE or DHE...

OK. 
So push back the older TLSv1 ciphers too by adding "+TLSv1" on the right
position:

$ openssl ciphers -v
'-ALL:ECDH+aRSA+AES:DH+aRSA+AES:aRSA+kRSA+AES:+AES256:+TLSv1:+kRSA' |
cut -f1 -d" "
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256

ECDHE-RSA-AES128-SHA
DHE-RSA-AES128-SHA
ECDHE-RSA-AES256-SHA
DHE-RSA-AES256-SHA

AES128-GCM-SHA256
AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256
AES128-SHA
AES256-SHA

Tested on
OpenSSL 1.0.1k 8 Jan 2015 on Debian 8.2
OpenSSL 1.0.1e-fips 11 Feb 2013 on CentOS 7.1
OpenSSL 1.0.1e 11 Feb 2013 on Debian 7
OpenSSL 0.9.8o 01 Jun 2010 on Debian 6 (only offering SHA1 and kRSA / DH
Ciphers but not SHA2 and no ECDH)






More information about the Ach mailing list