On 31/03/2016 15:49, Konstantin Kolinko wrote: > 2016-03-31 17:16 GMT+03:00 Apache Wiki <wikidi...@apache.org>: >> Dear Wiki user, >> >> You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for >> change notification. >> >> The "Security/Ciphers" page has been changed by markt: >> https://wiki.apache.org/tomcat/Security/Ciphers?action=diff&rev1=14&rev2=15 >> >> Comment: >> Update the Tomcat 8.5 results. Split out JSSE, JSSE+OpenSSL and OpenSSL into >> separate tables >> >> >> There is no right choice since there are always trade-offs to make between >> better security better interoperability, better performance etc.. Where you >> choose to draw that line is a choice you need to make. The following >> information is provided to help you make that choice. The ratings provided >> are those calculated by the excellent [[https://www.ssllabs.com/ssltest|SSL >> Labs Test]]. Keep in mind that, as more vulnerabilities are discovered, >> these ratings are only ever going to get worse over time. The results shown >> on this page were correct at the time they were generated. >> >> - As of May 2015, 1024-bit DHE is >> [[https://www.schneier.com/blog/archives/2015/05/the_logjam_and_.html|considered]] >> [[https://weakdh.org/imperfect-forward-secrecy.pdf|breakable]] by >> nation-state adversaries. 2048-bit DHE is recommended. 2048-bit DHE may be >> configured with JSSE connectors (BIO, NIO, NIO2) using JVM parameter, and >> for APR connector Apache Tomcat Native Library 1.2.2 (or later) should be >> used. > > > 1). The above note was removed...
That was deliberate. We don't explain the reason for any of the other exclusions and DHE key size, where it matters, is referenced in the notes. >> + == BIO/NIO/NIO2 with JSSE Results (Default) == >> >> >> + == NIO/NIO2 with JSSE+OpenSSL Results (Default) == >> + >> + || || Java 5 || Java 6 || Java 7 || Java 8 || >> + || Tomcat 8.5 || N/A || N/A || A || A || >> + || Tomcat 9 || N/A || N/A || N/A || A || >> + >> + >> - Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 >> tc-native release to achieve an A since, without it, the full certificate >> chain is not presented to the client. >> + Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to >> achieve an A since, without it, the full certificate chain is not presented >> to the client. >> + >> + The equivalent OpenSSL cipher configurations used to obtain the above >> results are: >> + >> + || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE || >> + || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA || >> + >> + Note: Java 7 DHE ciphers sue a 768 bit DH key which is considered insecure >> which is why those ciphers are excluded only for Java 7. > > 2). Typo: s/ sue / use / Will be fixed in the next commit. > 3). I do not understand the above Note. This section is > "JSSE+OpenSSL", so it uses OpenSSL ciphers. The Java SSE > implementation of those should not matter. That note was in the wrong section. With so much editing going on I missed that. Will be fixed in the next commit. > To add here: > Oracle Java 8 documentation to change size of a EDH key: > > https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#customizing_dh_keys > > The system property name is "jdk.tls.ephemeralDHKeySize". Tomcat now sets this by default (at least it does for 8, 8.5 and 9 and will be 7 and 6 by the time I have finished this exercise) so I don't think it is worthy of an explicit mention here. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
