Author dstufft
Recipients alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date 2014-03-20.17:54:57
Message-id <1395338098.13.0.816770077606.issue20995@psf.upfronthosting.co.za>
Content
Yeah, I noticed that, so I was doing some more testing. Here's what I think we should be using (it adds back in RC4):

ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:ECDH+RC4:DH+RC4:RSA+RC4:!aNULL:!MD5:!DSS

This gives us everything that DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2 does except for the ciphers list here https://gist.github.com/dstufft/251dbeb8962e2182e668 on my OpenSSL 1.0.1f install.

Antoine, your cipher string prioritizes ECDHE RC4 over DHE AES or even just plain AES. The string I'm proposing has been carefully crafted in order to get the ciphers in a very particular order. That order is basically: 1) Security of the cipher itself 2) PFS 3) Performance, while also maintaining compatibility both forwards and backwards.

RC4 is in a precarious condition and its use should be heavily discouraged. It is still required in some cases, which is why my revised default cipher suggestion includes it, but at the end as a last fallback. At that point, if RC4 gets selected, it's the server's fault and the client did everything it could except refuse.

I still do believe that this should be the default ciphers while my original string should be the "restricted" ciphers that create_default_context() uses.
History
Date | User | Action | Args
2014-03-20 17:54:58 | dstufft | set | recipients: + dstufft, lemburg, ncoghlan, pitrou, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, alex, r.david.murray
2014-03-20 17:54:58 | dstufft | set | messageid: <1395338098.13.0.816770077606.issue20995@psf.upfronthosting.co.za>
2014-03-20 17:54:58 | dstufft | link | issue20995 messages
2014-03-20 17:54:57 | dstufft | create |
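
Added example, not part of the original message or of CPython's code: one way to check the message's claims against the local OpenSSL build with the standard `ssl` module, expanding the proposed string, confirming RC4 only appears as the last fallback, and listing what is dropped relative to the baseline string. The function names are assumptions, and the suite-name prefix checks are a heuristic based on OpenSSL's naming.

```python
import ssl

# Both strings are copied from the message above (':' written before '!aNULL').
PROPOSED = (
    "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:"
    "ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:"
    "ECDH+RC4:DH+RC4:RSA+RC4:!aNULL:!MD5:!DSS"
)
BASELINE = "DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2"


def expand(cipher_string):
    """Return suite names in preference order, as the local OpenSSL expands them."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)
    return [c["name"] for c in ctx.get_ciphers()]


def audit(names):
    """Check an expanded list against the properties the message describes."""
    rc4 = [i for i, n in enumerate(names) if "RC4" in n]
    other = [i for i, n in enumerate(names) if "RC4" not in n]
    return {
        # RC4 may appear only after every non-RC4 suite (last-resort fallback).
        "rc4_is_last": not rc4 or not other or min(rc4) > max(other),
        # Anything that !aNULL, !MD5 or !DSS should have removed.
        "excluded_present": [n for n in names
                             if "NULL" in n or "MD5" in n or "DSS" in n
                             or n.startswith(("ADH-", "AECDH-"))],
        # Suites without forward secrecy (no ephemeral key exchange).
        "no_pfs": [n for n in names
                   if not n.startswith(("ECDHE-", "DHE-", "EDH-", "TLS_"))],
    }


def dropped_vs_baseline():
    """Suites BASELINE offers on this build that PROPOSED does not."""
    kept = set(expand(PROPOSED))
    return [n for n in expand(BASELINE) if n not in kept]


if __name__ == "__main__":
    names = expand(PROPOSED)
    print(ssl.OPENSSL_VERSION)
    print("\n".join(names))
    print(audit(names))
    print("dropped vs baseline:", dropped_vs_baseline())
```

The output depends on the OpenSSL build: recent builds usually compile out RC4 and 3DES and always list the TLS 1.3 suites first, so the expanded list will differ from the OpenSSL 1.0.1f result the message refers to.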