[Pkg-openssl-devel] Bug#736687: Bug#736687: libssl1.0.0: default cipher list contains insecure ciphers
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Thu Apr 21 20:21:44 UTC 2016
On 2014-01-26 12:07:52 [+0100], Kurt Roeckx wrote:
> > An acceptable default would be HIGH:MEDIUM:!aNULL:!eNULL:!MD5.
>
> Even that will not be good enough for some people, but it would
> clearly be better than the current defaults.
>
> I guess the problem with changing the default is that nobody is
> using the default because it doesn't make any sense, so the impact
> of changing the default in openssl will be small.
>
> I would also like to point out that the !MD5 there only disables
> RC4-MD5 and RC4 is the weakest part and that there is nothing
> wrong with the use of MD5 like it is there.
RFC6151 kind of deprecates the usage of MD5.
> I also have to disagree with your comment in #736287 about
> IE on XP. It does not support anything that provides 128 bit of
> security. 3DES only has 112 bit, and everybody recommends
> disabling RC4. For the rest it also only supports weak ciphers.
yup, RC4 should go.
> Anyway, I'm open to have the defaults changed in Debian even if
> upstream doesn't want to do it. I wonder if I have to go with the
> bettercrypto.org recommendations in that case and so also disable
> RC4, 3DES and SEED. But I find myself wanting to do GCM only and
> go for their configuration A.
What is wrong with SEED? Just that nobody is using it?
If I grep my logs I see iPhone OS 8_1_1 doing ECDHE-RSA-AES256-SHA384
and some bots doing TLSv1. Everyone else seems to go for GCM.
>
> Kurt
>
Sebastian
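
An added example, not part of the original message: a Python sketch that expands the cipher string proposed above on the local OpenSSL build and lists which enabled suites use the algorithms this thread discusses (RC4, 3DES, SEED, MD5) or are not GCM. The function names and the stricter string with `!RC4:!3DES:!SEED` appended are assumptions made for illustration, and the output depends on the OpenSSL version Python is linked against.

```python
import ssl

# Substrings of OpenSSL cipher-suite names for the algorithms named in the thread.
FLAGGED = {"RC4": "RC4", "3DES": "DES-CBC3", "SEED": "SEED", "MD5": "MD5"}


def classify(name):
    """Return the sorted flagged algorithms that appear in an OpenSSL suite name."""
    return sorted(label for label, needle in FLAGGED.items() if needle in name)


def expand(cipher_string):
    """Suites this build enables for cipher_string (TLS 1.3 suites are skipped,
    because the cipher string does not control them)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def audit(cipher_string):
    """Map each flagged algorithm, and 'non-GCM', to the enabled suites it covers."""
    names = expand(cipher_string)
    report = {label: [n for n in names if label in classify(n)] for label in FLAGGED}
    report["non-GCM"] = [n for n in names if "GCM" not in n]
    return report


if __name__ == "__main__":
    proposed = "HIGH:MEDIUM:!aNULL:!eNULL:!MD5"   # string quoted in the thread
    stricter = proposed + ":!RC4:!3DES:!SEED"     # assumption: extra exclusions
    for cipher_string in (proposed, stricter):
        print(cipher_string)
        print("  enabled suites:", len(expand(cipher_string)))
        for label, suites in audit(cipher_string).items():
            print(f"  {label}: {len(suites)} {suites[:4]}")
```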