ssl_dhparam compatibility issues?

I’m using Mozilla’s “Old backward compatibility” ssl_ciphers so I feel
good about my compatibility there, but does the following open me up
to potential compatibility problems:

openssl dhparam -out dhparams.pem 2048

nginx.conf:
ssl_dhparam {path to dhparams.pem}

https://wiki.mozilla.org/Security/Server_Side_TLS

  • Grant

On 2015-05-23 11:19, Grant wrote:

> I’m using Mozilla’s “Old backward compatibility” ssl_ciphers so I feel
> good about my compatibility there, but does the following open me up
> to potential compatibility problems:
>
> openssl dhparam -out dhparams.pem 2048

DHE params larger than 1024 bits are not compatible with Java 6/7
clients.
If you need compatibility with those clients, use a DHE of 1024 bits,
or disable DHE entirely.

  • Julien

> > I’m using Mozilla’s “Old backward compatibility” ssl_ciphers so I feel
> > good about my compatibility there, but does the following open me up
> > to potential compatibility problems:
> >
> > openssl dhparam -out dhparams.pem 2048
>
> DHE params larger than 1024 bits are not compatible with Java 6/7 clients.
> If you need compatibility with those clients, use a DHE of 1024 bits, or
> disable DHE entirely.

My server is open to the internet so I’d like to maintain
compatibility with as many clients as possible, but I don’t serve any
Java apps. Given that, will DHE params larger than 1024 bits affect
my compatibility?

If so, I believe a DHE of 1024 bits opens me to the LogJam attack, so
if I disable DHE entirely will that affect my compatibility?

  • Grant

You’re entirely misunderstanding Logjam.

The actual Logjam attack refers to a flaw in the TLS protocol that would
allow MITM attackers to downgrade a connection to an export cipher. This
is only possible if your server supports export-grade ciphers, which it
should not if you’re following Mozilla’s guide.

Using a 1024-bit DH param does not “open you” to any attack. According
to the authors of the FREAK/Logjam disclosure, use of a common 1024-bit
DH param potentially allows for threats from nation-state adversaries.
If you’ve pissed off the NSA, forget about legacy compatibility with
Java nonsense and use a custom 2048 (or higher) param. If you’re
paranoid about supporting grandma’s Java app, stick with the default.
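
Added example, not part of the thread or any poster's code: a dependency-free Python check that reads the prime size out of a `dhparams.pem` such as the one written by the `openssl dhparam` command above, and maps it to the trade-offs the replies describe. The function names and the sample generator are hypothetical, and the sample "primes" are constructed size-only stand-ins.

```python
import base64

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem):
    """Bit length of p in a PEM 'DH PARAMETERS' block: SEQUENCE { INTEGER p, INTEGER g }."""
    begin, end = "-----BEGIN DH PARAMETERS-----", "-----END DH PARAMETERS-----"
    if begin not in pem or end not in pem:
        raise ValueError("no DH PARAMETERS block found")
    body = pem.split(begin, 1)[1].split(end, 1)[0]
    tag, seq, _ = _read_tlv(base64.b64decode("".join(body.split())), 0)
    if tag != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    tag, p_raw, _ = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER p")
    return int.from_bytes(p_raw, "big").bit_length()

def assess(pem):
    """Map the prime size to the trade-offs raised in the thread."""
    bits = dh_prime_bits(pem)
    if bits > 1024:
        return bits, "thread reports Java 6/7 clients are not compatible with this size"
    if bits == 1024:
        return bits, "Java 6/7 compatible; the thread's concern is a common 1024-bit group"
    return bits, "smaller than either size discussed in the thread"

# --- constructed sample input: size-only stand-ins, NOT real DH primes; never deploy ---
def _der(tag, value):
    n = len(value)
    n_len = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | n_len]) + n.to_bytes(n_len, "big")
    return bytes([tag]) + head + value

def sample_pem(bits):
    p = (1 << (bits - 1)) | 1              # has the requested bit length, nothing more
    ints = b"".join(_der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big")) for v in (p, 2))
    b64 = base64.b64encode(_der(0x30, ints)).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join(["-----BEGIN DH PARAMETERS-----", *lines, "-----END DH PARAMETERS-----"])

if __name__ == "__main__":
    for size in (1024, 2048):
        print(assess(sample_pem(size)))
```

To check a real file, pass its text to `assess`, for example `assess(open("dhparams.pem").read())`.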
