On Saturday 28 February 2015 01:03:39 nellie.pet...@safe-mail.net wrote:
> I am using Marlene Pratt's "Proposal to Remove legacy TLS Ciphersuits
> Offered by Firefox" from 13 Dec 2013 on dev-tech-crypto mailing list as a
> guideline.
>
> I present a proposal to remove some legacy ciphersuites from the initial
> handshake presented by Firefox.
>
> In Firefox 36, we have removed RC4 from the initial handshake, as well as
> implemented a secondary/fallback handshake for badly configured servers.
>
> I have read the updated version of best current practices regarding
> Recommendations for Secure Use of TLS and DTLS:
>
> https://tools.ietf.org/html/draft-ietf-uta-tls-bcp-11
>
> These are the default available ciphersuites in Firefox 36.0:
>
> C02B TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
> C02F TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> C00A TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
> C009 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
> C013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> C014 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> 0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> 0032 TLS_DHE_DSS_WITH_AES_128_CBC_SHA
> 0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
> 002F TLS_RSA_WITH_AES_128_CBC_SHA
> 0035 TLS_RSA_WITH_AES_256_CBC_SHA
> 000A TLS_RSA_WITH_3DES_EDE_CBC_SHA
>
> I propose removal of the following ciphersuite:
>
> 0032 TLS_DHE_DSS_WITH_AES_128_CBC_SHA
>
> because DSS (the non-EC version) is obsolete, and based on preliminary
> telemetry and Pulse data is not being negotiated at all with any servers
> out there. My testing indicates that there are no public nor private
> servers that would support only this ciphersuite - please provide some data
> if you think otherwise.
>
> I also propose removing the following ciphersuite:
>
> 000A TLS_RSA_WITH_3DES_EDE_CBC_SHA
>
> because 3DES is a cipher that requires too much computing power compared to
> AES, much more computer memory, lacks hardware acceleration on servers, is
> rarely negotiated, has had its bitstrength reduced below 128 bits, and its
> removal is on track with avoiding (and eventually removing) RSA key
> exchange. Additionally, the servers that support (or even prefer!) 3DES
> always support some AES ciphersuite too.

Not true. In Alexa top 1 million I found at least 439 servers which support
only 3DES and have valid certificates. If Firefox removes RC4, I'm sure that
this will make this number effectively only larger (80% of servers still
support RC4, 15% prefer RC4 over any and all ciphers).

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
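
Added example, not part of either message and not Firefox or NSS code: a small model of the initial handshake's suite selection, showing which server configurations the proposed removal of 0032 and 000A would cut off. The server suite lists are constructed for illustration, 0005 (TLS_RSA_WITH_RC4_128_SHA) is used only as a server-side suite that Firefox 36 no longer offers initially, and the fallback handshake mentioned in the proposal is not modelled.

```python
# Firefox 36.0 default suites, copied in order from the quoted proposal.
FIREFOX_36 = {
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
    0xC009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0032: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
PROPOSED_REMOVALS = {0x0032, 0x000A}  # the two suites the proposal drops

def negotiate(client_offer, server_suites, server_order=True):
    """Return the suite id both sides share, or None (handshake failure).

    server_order=True: the server picks its own most-preferred shared suite.
    server_order=False: the server honours the client's ordering instead.
    """
    first, other = ((server_suites, client_offer) if server_order
                    else (client_offer, server_suites))
    allowed = set(other)
    return next((s for s in first if s in allowed), None)

def impact(server_suites, server_order=True):
    """(suite before removal, suite after removal); None means no handshake."""
    before = list(FIREFOX_36)
    after = [s for s in before if s not in PROPOSED_REMOVALS]
    return tuple(FIREFOX_36.get(negotiate(offer, server_suites, server_order))
                 for offer in (before, after))

# Constructed server configurations (preference order), not survey data.
SAMPLE_SERVERS = {
    "3DES only": [0x000A],
    "prefers 3DES, has AES": [0x000A, 0x002F],
    "prefers RC4, else 3DES": [0x0005, 0x000A],
    "DSS certificate only": [0x0032],
    "ECDHE-RSA AES": [0xC02F, 0xC013],
}

if __name__ == "__main__":
    for label, suites in SAMPLE_SERVERS.items():
        old, new = impact(suites)
        print(f"{label:24} before={old}  after={new or 'NO SHARED SUITE'}")
```
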