strong ssl ciphers - browsers
jim at ohlste.in
Tue May 8 23:23:06 UTC 2012
On 5/8/12 6:15 PM, Lukas Tribus wrote:
> Hi Hajo,
> BEAST has nothing todo with weak ciphers. Because the workaround is to prefer RC4 over AES from the server side, you are not excluding any browsers (however, a short check with the oldest supported platform isn't a bad idea either).
My advice to the OP is that if you want to provide secure connections
for your users, you will simply not support browsers that *only* use
insecure ciphers so I believe this is a non-issue. I wouldn't purport to
provide a "secure" connection with an insecure cipher. Let your users
upgrade to a a 21st century browser. Shame on them if they haven't.
> I noticed the documentation about the default of the ssl_ciphers keyword isn't up-to-date: !ADH was replaced with !aNULL in 1.0.5 . Can someone update the docs?
Somewhat off topic but:
Perhaps it is reasonable to suggest that another change to the defaults
in light of BEAST.
We use OpenSSL 1.01 and support TLS versions 1.0,1.1, and 1.2 and use
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
Using latest Opera of IE browsers TLS v1.2 is used along with one of the
first two ciphers which I believe are not available in SSL v3.0 or TLS
v1.0. Since TLS v1.2 is not vulnerable to BEAST those connections should
In browsers like Firefox and Chrome (and presumably Safari, but I don't
know how to tell), TLS v1.0 is used and an RC4 cipher is selected. This
again provides protection against beast.
While this approach won't work for users without a recent OpenSSL
release, the following might work for earlier versions as "more secure"
>  http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers
>  http://forum.nginx.org/read.php?29,206670,207923
More information about the nginx