droe / sslsplit

Transparent SSL/TLS interception
https://www.roe.ch/SSLsplit
BSD 2-Clause "Simplified" License

Change cipher defaults to conform to modern browser standards #126

Open droe opened 8 years ago

droe commented 8 years ago

SSLsplit should cease supporting legacy ciphers by default, e.g. export ciphers. This also includes weak temporary RSA and DH keys and default generated RSA leaf key size. It should be possible to enable legacy ciphers and sizes explicitly, but not by default.

crazy-william commented 8 years ago

Should we use NULL:RC4:AES128:-DHE or ALL:-aNULL as default?

droe commented 8 years ago

Neither seems to be adequate. I am thinking more along the lines of MEDIUM:HIGH. I aim for a decent rating without major issues on https://www.ssllabs.com/ssltest/viewMyClient.html in the default configuration. That includes allowing both DHE and ECDHE by default.

crazy-william commented 8 years ago

Can we transfer the cipher from client request to real server?

droe commented 8 years ago

Now there's an interesting thought. The answer is yes, if we extend the ClientHello parser that currently parses the SNI hostname to also extract the requested cipher suites. We'd then have to trim down the list to those cipher suites actually supported by the version of OpenSSL in use, and inject it into the outbound connection SSL context. Slightly tricky but very doable.
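
The cipher-suite extraction step described in the comment above, as an added example that is not sslsplit's code or part of the original thread: a bounds-checked C parser that pulls the offered suites out of a ClientHello held in one buffer. The function name and the sample bytes are constructed for illustration; trimming the list against OpenSSL and injecting it into the outbound context are not shown.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample: a TLS ClientHello record offering three suites,
 * ending after the compression methods (no extensions). */
static const uint8_t sample_hello[] = {
    0x16, 0x03, 0x01, 0x00, 0x31,        /* record: handshake, length 49 */
    0x01, 0x00, 0x00, 0x2d,              /* ClientHello, length 45 */
    0x03, 0x03,                          /* client_version: TLS 1.2 */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,   /* random (32 bytes) */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0x00,                                /* session_id length 0 */
    0x00, 0x06,                          /* cipher_suites length 6 */
    0xc0, 0x2f, 0x00, 0x9c, 0x00, 0x05,  /* three 16-bit suite ids */
    0x01, 0x00                           /* compression: null only */
};

/* Hypothetical helper: copy up to max offered cipher suite ids into out.
 * Assumes the whole ClientHello sits in a single record in buf.
 * Returns the number of ids written, or -1 if the input is malformed. */
int clienthello_cipher_suites(const uint8_t *buf, size_t len,
                              uint16_t *out, size_t max)
{
    size_t pos, reclen, sidlen, cslen, n = 0;

    if (len < 5)
        return -1;
    reclen = ((size_t)buf[3] << 8) | buf[4];
    if (len > 5 + reclen)                /* never read past the record */
        len = 5 + reclen;
    if (len < 5 + 4 + 2 + 32 + 1)        /* headers, version, random, sid len */
        return -1;
    if (buf[0] != 0x16 || buf[5] != 0x01) /* handshake record, ClientHello */
        return -1;
    pos = 5 + 4 + 2 + 32;
    sidlen = buf[pos++];
    if (sidlen > 32 || len - pos < sidlen + 2)
        return -1;
    pos += sidlen;
    cslen = ((size_t)buf[pos] << 8) | buf[pos + 1];
    pos += 2;
    if (cslen == 0 || (cslen & 1) || len - pos < cslen)
        return -1;                       /* empty, odd or truncated list */
    for (size_t i = 0; i < cslen && n < max; i += 2)
        out[n++] = (uint16_t)((buf[pos + i] << 8) | buf[pos + i + 1]);
    return (int)n;
}
```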

crazy-william commented 8 years ago

Thanks for supporting this. High hopes for that.

droe commented 8 years ago

I moved the idea of copying the client's cipher suites into the server connection to a separate issue in order to keep this issue scoped on modernizing the defaults.

crazy-william commented 8 years ago

Finally I chose "DEFAULT:-aNULL:-RC4" for DFLT_CIPHERS, and Cipher Suites on the ssltest page shows no red now.

droe commented 6 years ago

Related: #189 - sslsplit now uses SHA-256 as a fallback hash algorithm if the upstream server certificate uses a different key type than the configured sslsplit CA. If they match, the hash algo is still copied from the upstream server certificate, as before.