disabling certain ciphers
Darren Pilgrim
list_dovecot at bluerosetech.com
Tue Dec 2 16:33:55 UTC 2014
On 12/2/2014 1:32 AM, Reindl Harald wrote:
>
> Am 02.12.2014 um 06:44 schrieb Will Yardley:
>> On Mon, Dec 01, 2014 at 09:27:48PM -0800, Darren Pilgrim wrote:
>>> On 12/1/2014 4:43 PM, Will Yardley wrote:
>>>> Can you use both ssl_protocols *and* ssl_cipher_list in the same config
>>>> (in a way that's sane)?
>>>
>>>> Is there a way to exclude these ciphers, while still keeping my config
>>>> easy to parse and avoiding duplicative or deprecated configs?
>>>
>>> Yes to both. If you need to support older clients:
>>>
>>> ssl_cipher_list = HIGH:!RC4:!MD5:!SRP:!PSK:!aNULL:@STRENGTH
>>> ssl_dh_parameters_length = 2048
>>> ssl_parameters_regenerate = 0
>>> ssl_protocols = !SSLv2 !SSLv3 TLSv1 TLSv1.1 TLSv1.2
>>
>> But why does ssl_protocols behave differently depending on if
>> $ssl_cipher_list is defined? Shouldn't !SSLv2 and !SSLv3 be sufficient?
>>
>> It seems that if ssl_cipher_list is defined,
>> ssl_protocols = !SSLv2 !SSLv3
>>
>> results in TLS1.2 being the only one active, but if it is defined, 1.0,
>> 1.1, and 1.2 are all active?
>
> ssl_protocols = !SSLv2 !SSLv3
>
> and you are fine, aynthing else is nonsense because when TLSv1.3 will be
> released you go to each and every server to add it to the config? likely
> not!
Configuration management. :)
Also, no, you need to do more than just disable SSLv3. You need to
disable several cipher groups allowed in TLSv1.0 and TLSv1.1, bump up
the DH parameter size, and, if your client base allows it, only allow
ciphers with forward secrecy.
More information about the dovecot
mailing list