Default SSL protocols
Michael Shadle
mike503 at gmail.com
Tue Oct 6 23:32:34 MSD 2009
according to mcafee secure their recommended setting is this:
ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
i also throw in this:
ssl_protocols SSLv3 TLSv1;
this passes mcafee secure's validation which is viewed highly
respectable by even the most paranoid enterprises.
On Tue, Oct 6, 2009 at 12:09 PM, Calomel Org <faraday at calomel.org> wrote:
> I would vote to only allow the highest and most secure ciphers
> supported by the majority of modern search bots and browsers.
>
> ssl on;
> ssl_ciphers HIGH:!ADH:!MD5;
> ssl_prefer_server_ciphers on;
> ssl_protocols SSLv3;
>
> Do not allow export controlled, anonymous or MD5 ciphers due to their
> weak encryption. Allow only AES 128 or 256 bit and 3DES 168 bit. 3DES
> is necessary to allow most modern search bots like Google, Yahoo and
> Bing access to the site if needed.
>
> user at machine: openssl ciphers -ssl3 -v 'HIGH:!ADH:!MD5:@STRENGTH'
> DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
> DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
> AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
> EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
> EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
> DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
> DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
> DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
> AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
>
>
> My reasoning and detailed explanations can be found at:
>
> Guide to Webserver SSL Certificates
> https://calomel.org/ssl_certs.html
>
> --
> Calomel @ https://calomel.org
> Open Source Research and Reference
>
>
> On Sun, Oct 04, 2009 at 03:53:11PM -0400, Igor Sysoev wrote:
>>On Sat, Oct 03, 2009 at 11:07:44PM +0100, Matt Goodall wrote:
>>
>>> I just noticed that the SSL module enables SSLv2 by default,
>>> "ssl_protocols SSLv2 SSLv3 TLSv1 " (see
>>> http://wiki.nginx.org/NginxHttpSslModule#ssl_protocols).
>>>
>>> Given that SSLv2 is generally considered "weak" these days
>>> (http://en.wikipedia.org/wiki/Secure_Sockets_Layer#Security) and is
>>> disabled in most modern browsers would it make sense to change the
>>> default to "ssl_protocols SSLv3 TLSv1"?
>>
>>I thought to disable it by default some time ago.
>>I will disable it in next 0.8.18 version.
>>
>>
>>--
>>Igor Sysoev
>>http://sysoev.ru/en/
>
>
More information about the nginx
mailing list