Hi Michael and Peter,
Actually I proposed that in the discussion to another patch, but Wolfgang said that we would exclude too many systems.
I still think that there might be too many clients, which do not have support for TLS 1.2. I would suggest postponing this step to next year.
Also, for the modern configuration, we should edit the SSLProtocol value: SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 This allows anyone to understand that only TLSv1.2+ is supported.
Regarding the re-ordering of the cipher suites: ECDHE-ECDSA is not always faster than ECDHE-RSA. It depends on the size of the EC and the RSA key. Although I'm assuming that a 4096-bit key is quite slow... I somewhere read that 2048-bit RSA is faster than 256-bit curve. We are using a 4096-bit RSA together with a 384-bit curve. Did anyone perform some measurements?
Did you see that conversation?
And I really thought that maybe my mail did not make it through after reading the patch...
Best regards, Wolfgang
On Tue, 2017-11-07 at 20:51 +0100, Peter Müller wrote:
Change the TLS cipher list of Apache to "Mozilla Modern".
ECDSA is preferred over RSA to save CPU time on both server and client. Clients without support for TLS 1.2 and AES will experience connection failures.
Signed-off-by: Peter Müller peter.mueller@link38.eu
config/httpd/vhosts.d/ipfire-interface-ssl.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index c9ccd5be5..d08d3d2bb 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -9,7 +9,7 @@ TransferLog /var/log/httpd/access_log SSLEngine on SSLProtocol all -SSLv2 -SSLv3
- SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA
-AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:EC DHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA2 56:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-S HA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA: CAMELLIA128-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256 -SHA
- SSLCipherSuite
- ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-EC
- DSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-S
- HA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-
- RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA25
- 6 SSLHonorCipherOrder on SSLCertificateFile /etc/httpd/server.crt SSLCertificateKeyFile /etc/httpd/server.key