Ciphers marked weak by SSL Labs

cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration

BSD 3-Clause "New" or "Revised" License

1.3k stars 132 forks source link

Ciphers marked weak by SSL Labs #98

Open mattwwarren opened 6 years ago

mattwwarren commented 6 years ago

The follower ciphers have been marked as Weak by ssllabs and while it does not result in a lower grade, I wanted to get Cloudflare's opinion on deprecating support for these ciphers:

TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256

I believe this would require removing the following from ssl_ciphers: RSA+AES128 and RSA+AES256

Thanks in advance!

injust commented 6 years ago

Pretty sure this repository is just for Cloudflare to open-source their config and patches, and that they don't take contributions (except for a few updated patches).

mattwwarren commented 6 years ago

Not necessarily expecting the change to happen but considering that they position themselves as a global leader in internet security, I was curious to hear their opinion on deprecating the ciphers.

hakasenyang commented 6 years ago

What do you think about this method?

Weak ciphers apply only to TLSv1.

Ex) https://www.ssllabs.com/ssltest/analyze.html?d=hakase.io

omerlh commented 4 years ago

I'm also seeing weak ciphers on TLS 1.2:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH x25519 (eq. 3072 bits RSA) FS WEAK	128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH x25519 (eq. 3072 bits RSA) FS WEAK	128
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK	128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK	128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) WEAK	128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH x25519 (eq. 3072 bits RSA) FS WEAK	256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH x25519 (eq. 3072 bits RSA) FS WEAK	256
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK	256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK	256

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) WEAK

Any plan to handle it?

grodriguezl commented 2 years ago

Any news about this?

nickysemenza commented 2 years ago

Hi! while we do sometimes remove ciphers completely, we try to have defaults that are as backward compatible as possible (i.e. towards devices where the weak ciphers are the best they have). This config is the default for us though, we currently allow customers to change the minimum TLS version or restrict the ciphers offered on their zone to a subset of the ones that we support: https://developers.cloudflare.com/ssl/ssl-tls/cipher-suites/#disable-cipher-suites. Some take advantage of this for policy reasons, others to boost their SSL Labs score.