[PATCH] update default ssl_ciphers value
mdounin at mdounin.ru
Mon Aug 3 21:09:27 UTC 2015
On Mon, Aug 03, 2015 at 08:51:07PM +0100, Mike MacCana wrote:
> On Mon, Aug 3, 2015 at 6:31 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > Overral answer:
> > No, thanks. And even if some of the over concens were valid, the
> > answer would be the same. The default is kept good enough to be
> > generally usable, and it doesn't try to account for any recent
> > cryptographic findings, nor it tries to enforce any chipher
> > preferences on server. This approach is believed to be better in
> > a quickly changing world assuming the administrator is not
> > tracking recent attacks and changes the configuration accordingly.
> Thanks for the quick response Maxim. To clarify, there's currently 3 issues
> regarding cipher lists in nginx :
> - NGX_DEFAULT_CIPHERS has insecure defaults.
This is not true. See my previous message for detailed
explanation on why your concerns are invalid.
> You mention 'there is no
> preference enforced by nginx by default' - are you saying
> NGX_DEFAULT_CIPHERS is unused?
Read: default for ssl_prefer_server_ciphers is off, see
> - the example configuration in the config file is insecure
This is not true, see above.
> - documentation which incorrectly states that the example does not need to
> be modified
The documentation says what's we think is a good enough strategy
in general, see below for a more detailed explanation.
> > This approach is believed to be better in a quickly changing world
> assuming the administrator is not tracking recent attacks and changes the
> configuration accordingly.
> Should this mean 'assuming the administrator is tracking recent attacks'?
> - If you assume the administrator is *not* tracking recent attacks then
> the example config should be secure.
> - If you assume the administrator *is* tracking recent attacks - which is
> a bad assumption, as many nginx users are not system administrators but
> rather web developers with little to no interest in ssl - then it's still
> beneficial to provide a more recent cipher list, as it stops nginx users
> having to fix the software out of the box.
The default configuration provided is as secure as it can be,
assuming the rate at which nginx is generally updated and the rate
at which various new attacks tend to appear. So, unless you are
closely tracking recent attacks, it's believed to be better
strategy to stick with the default as provided, which usually
results in better security in long term.
> What specifically does nginx lose from fixing the insecure default config,
> shipping a more current example, and fixing the incorrect docs?
As previously said, the default is not insecure, and the
documentation isn't incorrect. Moreover, the default is believed
to be better than "a more current example" in a long run, as "a
more current example" tends to be new very several months, and
sometimes exactly opposite to a previous "more current" one.
More information about the nginx-devel