Default SSL protocols

Hi,

I just noticed that the SSL module enables SSLv2 by default,
"ssl_protocols SSLv2 SSLv3 TLSv1 " (see
http://wiki.nginx.org/NginxHttpSslModule#ssl_protocols).

Given that SSLv2 is generally considered “weak” these days
(http://en.wikipedia.org/wiki/Secure_Sockets_Layer#Security) and is
disabled in most modern browsers would it make sense to change the
default to “ssl_protocols SSLv3 TLSv1”?

  • Matt

Yeps I agree on that point. Wonder what the others think of this?

Just for reference/discussion, I set my SSL parameters to be as such:
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:MEDIUM:!SSLv2:!aNULL:@STRENGTH;

Ray

On Sat, Oct 03, 2009 at 11:07:44PM +0100, Matt Goodall wrote:

I just noticed that the SSL module enables SSLv2 by default,
"ssl_protocols SSLv2 SSLv3 TLSv1 " (see
http://wiki.nginx.org/NginxHttpSslModule#ssl_protocols).

Given that SSLv2 is generally considered “weak” these days
(http://en.wikipedia.org/wiki/Secure_Sockets_Layer#Security) and is
disabled in most modern browsers would it make sense to change the
default to “ssl_protocols SSLv3 TLSv1”?

I thought to disable it by default some time ago.
I will disable it in next 0.8.18 version.

I would vote to only allow the highest and most secure ciphers
supported by the majority of modern search bots and browsers.

ssl on;
ssl_ciphers HIGH:!ADH:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3;

Do not allow export controlled, anonymous or MD5 ciphers due to their
weak encryption. Allow only AES 128 or 256 bit and 3DES 168 bit. 3DES
is necessary to allow most modern search bots like Google, Yahoo and
Bing access to the site if needed.

[email protected]: openssl ciphers -ssl3 -v ‘HIGH:!ADH:!MD5:@STRENGTH
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1

My reasoning and detailed explanations can be found at:

Guide to Webserver SSL Certificates
https://calomel.org/ssl_certs.html


Calomel @ https://calomel.org
Open Source Research and Reference

according to mcafee secure their recommended setting is this:

ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;

i also throw in this:
ssl_protocols SSLv3 TLSv1;

this passes mcafee secure’s validation which is viewed highly
respectable by even the most paranoid enterprises.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs