gratipay / security-2a443f


insecure protocols / weak ciphers vulnerability #1

Closed chadwhitacre closed 9 years ago

chadwhitacre commented 9 years ago

Reported in private email to chad@zetaweb.com:

According to my latest research, I have found that the gratipay.com server is vulnerable to the Insecure protocols vulnerability.

When I analysed this server with advanced SSL analysers I found this vulnerability, and I confirmed it manually.

Description :

Insecure cipher suites being enabled on the server is a classic SSL misconfiguration. Because the crypto algorithms used with those cipher suites are weak, if those cipher suites were to be negotiated between a client and the server, an attacker could brute force the keys used to encrypt the SSL traffic.

Detection :

SSLyze can scan the server in order to detect which cipher suites it supports within the TLS 1.2, TLS 1.1, and TLS 1.0 protocols.

$ python sslyze.py --sslv2 --tlsv1 gratipay.com

TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)   WEAK  128
TLS_RSA_WITH_RC4_128_SHA (0x5)   WEAK   128

Recommendations :

A properly hardened server should NOT accept the following cipher suites:

Any cipher suite that has a key size smaller than 128 bits.

Any anonymous cipher suite, because they don't provide server authentication.

Suggestion to fix :

Reconfigure gratipay.com to avoid use of weak ciphers. Kindly fix this bug as soon as possible.

chadwhitacre commented 9 years ago

I'm pretty sure this is a Heroku issue. Possibly relevant: https://github.com/gratipay/gratipay.com/issues/1460.

chadwhitacre commented 9 years ago

https://discussion.heroku.com/t/disable-ssl-support-for-rc4-ciphers-pci-failure/892

chadwhitacre commented 9 years ago

http://www.cykod.com/2011-03-pci-compliance-on-amazons-aws

chadwhitacre commented 9 years ago

https://github.com/nabla-c0d3/sslyze

chadwhitacre commented 9 years ago

 REGISTERING AVAILABLE PLUGINS
 -----------------------------

  PluginCertInfo
  PluginOpenSSLCipherSuites
  PluginHSTS
  PluginSessionRenegotiation
  PluginHeartbleed
  PluginSessionResumption
  PluginCompression
  PluginChromeSha1Deprecation

 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   gratipay.com:443                    => 23.23.153.27:443

 SCAN RESULTS FOR GRATIPAY.COM:443 - 23.23.153.27:443
 ----------------------------------------------------

  * SSLV2 Cipher Suites:
      Rejected:                        
                 RC4-MD5                             TLS / Unexpected EOF               
                 DES-CBC3-MD5                        TLS / Unexpected EOF               
                 RC2-CBC-MD5                         TCP / Received RST                 
                 IDEA-CBC-MD5                        TCP / Received RST                 
                 EXP-RC4-MD5                         TCP / Received RST                 
                 EXP-RC2-CBC-MD5                     TCP / Received RST                 
                 DES-CBC-MD5                         TCP / Received RST                 

  * TLSV1 Cipher Suites:
      Preferred:                       
                 ECDHE-RSA-AES128-SHA          ECDH-256 bits  128 bits                                         
      Accepted:                        
                 ECDHE-RSA-AES256-SHA          ECDH-256 bits  256 bits                                         
                 AES256-SHA                    -              256 bits                                         
                 ECDHE-RSA-RC4-SHA             ECDH-256 bits  128 bits                                         
                 ECDHE-RSA-AES128-SHA          ECDH-256 bits  128 bits                                         
                 DHE-RSA-AES128-SHA            DH-1024 bits   128 bits                                         
                 RC4-SHA                       -              128 bits                                         
                 AES128-SHA                    -              128 bits                                         
      Rejected:                        
                 SRP-RSA-AES-256-CBC-SHA             TLS / No ciphers available         
                 SRP-RSA-AES-128-CBC-SHA             TLS / No ciphers available         
                 SRP-RSA-3DES-EDE-CBC-SHA            TLS / No ciphers available         
                 SRP-DSS-AES-256-CBC-SHA             TLS / No ciphers available         
                 SRP-DSS-AES-128-CBC-SHA             TLS / No ciphers available         
                 SRP-DSS-3DES-EDE-CBC-SHA            TLS / No ciphers available         
                 SRP-AES-256-CBC-SHA                 TLS / No ciphers available         
                 SRP-AES-128-CBC-SHA                 TLS / No ciphers available         
                 SRP-3DES-EDE-CBC-SHA                TLS / No ciphers available         
                 PSK-RC4-SHA                         TLS / No ciphers available         
                 PSK-AES256-CBC-SHA                  TLS / No ciphers available         
                 PSK-AES128-CBC-SHA                  TLS / No ciphers available         
                 PSK-3DES-EDE-CBC-SHA                TLS / No ciphers available         
                 NULL-SHA256                         TLS / No ciphers available         
                 ECDHE-RSA-AES256-SHA384             TLS / No ciphers available         
                 ECDHE-RSA-AES256-GCM-SHA384         TLS / No ciphers available         
                 ECDHE-RSA-AES128-SHA256             TLS / No ciphers available         
                 ECDHE-RSA-AES128-GCM-SHA256         TLS / No ciphers available         
                 ECDHE-ECDSA-AES256-SHA384           TLS / No ciphers available         
                 ECDHE-ECDSA-AES256-GCM-SHA384       TLS / No ciphers available         
                 ECDHE-ECDSA-AES128-SHA256           TLS / No ciphers available         
                 ECDHE-ECDSA-AES128-GCM-SHA256       TLS / No ciphers available         
                 ECDH-RSA-AES256-SHA384              TLS / No ciphers available         
                 ECDH-RSA-AES256-GCM-SHA384          TLS / No ciphers available         
                 ECDH-RSA-AES128-SHA256              TLS / No ciphers available         
                 ECDH-RSA-AES128-GCM-SHA256          TLS / No ciphers available         
                 ECDH-ECDSA-AES256-SHA384            TLS / No ciphers available         
                 ECDH-ECDSA-AES256-GCM-SHA384        TLS / No ciphers available         
                 ECDH-ECDSA-AES128-SHA256            TLS / No ciphers available         
                 ECDH-ECDSA-AES128-GCM-SHA256        TLS / No ciphers available         
                 DHE-RSA-AES256-SHA256               TLS / No ciphers available         
                 DHE-RSA-AES256-GCM-SHA384           TLS / No ciphers available         
                 DHE-RSA-AES128-SHA256               TLS / No ciphers available         
                 DHE-RSA-AES128-GCM-SHA256           TLS / No ciphers available         
                 DHE-DSS-AES256-SHA256               TLS / No ciphers available         
                 DHE-DSS-AES256-GCM-SHA384           TLS / No ciphers available         
                 DHE-DSS-AES128-SHA256               TLS / No ciphers available         
                 DHE-DSS-AES128-GCM-SHA256           TLS / No ciphers available         
                 AES256-SHA256                       TLS / No ciphers available         
                 AES256-GCM-SHA384                   TLS / No ciphers available         
                 AES128-SHA256                       TLS / No ciphers available         
                 AES128-GCM-SHA256                   TLS / No ciphers available         
                 ADH-AES256-SHA256                   TLS / No ciphers available         
                 ADH-AES256-GCM-SHA384               TLS / No ciphers available         
                 ADH-AES128-SHA256                   TLS / No ciphers available         
                 ADH-AES128-GCM-SHA256               TLS / No ciphers available         
                 SEED-SHA                            TLS / Alert handshake failure      
                 RC4-MD5                             TLS / Alert handshake failure      
                 NULL-SHA                            TLS / Alert handshake failure      
                 NULL-MD5                            TLS / Alert handshake failure      
                 IDEA-CBC-SHA                        TLS / Alert handshake failure      
                 EXP-RC4-MD5                         TLS / Alert handshake failure      
                 EXP-RC2-CBC-MD5                     TLS / Alert handshake failure      
                 EXP-EDH-RSA-DES-CBC-SHA             TLS / Alert handshake failure      
                 EXP-EDH-DSS-DES-CBC-SHA             TLS / Alert handshake failure      
                 EXP-DES-CBC-SHA                     TLS / Alert handshake failure      
                 EXP-ADH-RC4-MD5                     TLS / Alert handshake failure      
                 EXP-ADH-DES-CBC-SHA                 TLS / Alert handshake failure      
                 EDH-RSA-DES-CBC3-SHA                TLS / Alert handshake failure      
                 EDH-RSA-DES-CBC-SHA                 TLS / Alert handshake failure      
                 EDH-DSS-DES-CBC3-SHA                TLS / Alert handshake failure      
                 EDH-DSS-DES-CBC-SHA                 TLS / Alert handshake failure      
                 ECDHE-RSA-NULL-SHA                  TLS / Alert handshake failure      
                 ECDHE-RSA-DES-CBC3-SHA              TLS / Alert handshake failure      
                 ECDHE-ECDSA-RC4-SHA                 TLS / Alert handshake failure      
                 ECDHE-ECDSA-NULL-SHA                TLS / Alert handshake failure      
                 ECDHE-ECDSA-DES-CBC3-SHA            TLS / Alert handshake failure      
                 ECDHE-ECDSA-AES256-SHA              TLS / Alert handshake failure      
                 ECDHE-ECDSA-AES128-SHA              TLS / Alert handshake failure      
                 ECDH-RSA-RC4-SHA                    TLS / Alert handshake failure      
                 ECDH-RSA-NULL-SHA                   TLS / Alert handshake failure      
                 ECDH-RSA-DES-CBC3-SHA               TLS / Alert handshake failure      
                 ECDH-RSA-AES256-SHA                 TLS / Alert handshake failure      
                 ECDH-RSA-AES128-SHA                 TLS / Alert handshake failure      
                 ECDH-ECDSA-RC4-SHA                  TLS / Alert handshake failure      
                 ECDH-ECDSA-NULL-SHA                 TLS / Alert handshake failure      
                 ECDH-ECDSA-DES-CBC3-SHA             TLS / Alert handshake failure      
                 ECDH-ECDSA-AES256-SHA               TLS / Alert handshake failure      
                 ECDH-ECDSA-AES128-SHA               TLS / Alert handshake failure      
                 DHE-RSA-SEED-SHA                    TLS / Alert handshake failure      
                 DHE-RSA-CAMELLIA256-SHA             TLS / Alert handshake failure      
                 DHE-RSA-CAMELLIA128-SHA             TLS / Alert handshake failure      
                 DHE-RSA-AES256-SHA                  TLS / Alert handshake failure      
                 DHE-DSS-SEED-SHA                    TLS / Alert handshake failure      
                 DHE-DSS-CAMELLIA256-SHA             TLS / Alert handshake failure      
                 DHE-DSS-CAMELLIA128-SHA             TLS / Alert handshake failure      
                 DHE-DSS-AES256-SHA                  TLS / Alert handshake failure      
                 DHE-DSS-AES128-SHA                  TLS / Alert handshake failure      
                 DES-CBC3-SHA                        TLS / Alert handshake failure      
                 DES-CBC-SHA                         TLS / Alert handshake failure      
                 CAMELLIA256-SHA                     TLS / Alert handshake failure      
                 CAMELLIA128-SHA                     TLS / Alert handshake failure      
                 AECDH-RC4-SHA                       TLS / Alert handshake failure      
                 AECDH-NULL-SHA                      TLS / Alert handshake failure      
                 AECDH-DES-CBC3-SHA                  TLS / Alert handshake failure      
                 AECDH-AES256-SHA                    TLS / Alert handshake failure      
                 AECDH-AES128-SHA                    TLS / Alert handshake failure      
                 ADH-SEED-SHA                        TLS / Alert handshake failure      
                 ADH-RC4-MD5                         TLS / Alert handshake failure      
                 ADH-DES-CBC3-SHA                    TLS / Alert handshake failure      
                 ADH-DES-CBC-SHA                     TLS / Alert handshake failure      
                 ADH-CAMELLIA256-SHA                 TLS / Alert handshake failure      
                 ADH-CAMELLIA128-SHA                 TLS / Alert handshake failure      
                 ADH-AES256-SHA                      TLS / Alert handshake failure      
                 ADH-AES128-SHA                      TLS / Alert handshake failure      

 SCAN COMPLETED IN 0.82 S
 ------------------------

chadwhitacre commented 9 years ago

http://en.wikipedia.org/wiki/Cipher_suite

chadwhitacre commented 9 years ago

The output doesn't match exactly, but I suppose these are the relevant lines:

  * TLSV1 Cipher Suites:
      Accepted:                        
                 ECDHE-RSA-RC4-SHA             ECDH-256 bits  128 bits                                         
                 RC4-SHA                       -              128 bits

chadwhitacre commented 9 years ago

Sent:

I ran sslyze, and while the output I'm seeing doesn't exactly line up with what I received from you (maybe we're using different versions of sslyze?), I do see that we accept 128-bit ECDHE-RSA-RC4-SHA and RCA-SHA. However, your report recommends against, "[a]ny cipher suite that has a key size smaller than 128 bits." That sounds to me like 64 bits would be a problem, but 128 bits is acceptable. Can you clarify, please?

chadwhitacre commented 9 years ago

Blech, s/RCA/RC4. :/

chadwhitacre commented 9 years ago

And anyway I'm not sure we can do anything about this. I think we point the researcher to Heroku.

chadwhitacre commented 9 years ago

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-options.html

chadwhitacre commented 9 years ago

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html

chadwhitacre commented 9 years ago

Filed with Heroku support:

We've received a report from a security researcher informing us that we support weak ciphers (ECDHE-RSA-RC4-SHA and RC4-SHA). I've confirmed his results, and have found this relevant discussion thread: it appears that Heroku is using Amazon's default security policy, which until last month included the offending ciphers. Any ETA on when we'll be upgraded to the new security policy, or will otherwise see RC4 dropped?

Thanks! :-)

chadwhitacre commented 9 years ago

Replied on the Heroku discussion post:

Looks like Amazon released a new predefined security policy last month, and it drops ECDHE-RSA-RC4-SHA and RC4-SHA. I've made a Heroku ticket to ask them how long until they upgrade to Amazon's new policy or otherwise drop RC4.

chadwhitacre commented 9 years ago

Sent to researcher:

Okay, it looks like the issue is with RC4, not with the bit size. We are hosted on Heroku, and I have reported the issue upstream to them. Here is a relevant thread on Heroku's public discussion forum:

https://discussion.heroku.com/t/disable-ssl-support-for-rc4-ciphers-pci-failure/892
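
Added example (not part of the original thread, and not sslyze's own code): a small parser for the sslyze text report format posted above. It applies the report's two rules (key size, anonymous suites) plus the RC4 finding to the Accepted suites only. The sample report is constructed from lines in this thread, and the function names are hypothetical.

```python
import re

# Constructed sample: a trimmed copy of the TLSV1 section posted in this thread.
SAMPLE_REPORT = """\
  * TLSV1 Cipher Suites:
      Preferred:
                 ECDHE-RSA-AES128-SHA          ECDH-256 bits  128 bits
      Accepted:
                 ECDHE-RSA-AES256-SHA          ECDH-256 bits  256 bits
                 ECDHE-RSA-RC4-SHA             ECDH-256 bits  128 bits
                 DHE-RSA-AES128-SHA            DH-1024 bits   128 bits
                 RC4-SHA                       -              128 bits
      Rejected:
                 ADH-AES128-SHA                      TLS / Alert handshake failure
"""

SECTION = re.compile(r"^\s*(Preferred|Accepted|Rejected):\s*$")
SUITE = re.compile(r"^\s+(\S+)\s+(?:-|\S+ bits)\s+(\d+) bits\s*$")

def accepted_suites(report):
    """Return [(name, key_bits)] for lines under 'Accepted:' only."""
    section, found = None, []
    for line in report.splitlines():
        header = SECTION.match(line)
        suite = SUITE.match(line)
        if header:
            section = header.group(1)
        elif suite and section == "Accepted":
            found.append((suite.group(1), int(suite.group(2))))
    return found

def weaknesses(name, key_bits):
    """Reasons a suite is weak: the report's two rules plus the RC4 finding."""
    parts = name.split("-")
    checks = [
        ("RC4" in parts, "RC4 stream cipher"),
        (parts[0] in ("ADH", "AECDH"), "anonymous key exchange"),
        (key_bits < 128, "key smaller than 128 bits"),
    ]
    return [reason for hit, reason in checks if hit]

def audit(report):
    """Map each accepted-but-weak suite to its reasons."""
    flagged = {}
    for name, bits in accepted_suites(report):
        reasons = weaknesses(name, bits)
        if reasons:
            flagged[name] = reasons
    return flagged
```

On the sample, only the two RC4 suites are flagged, and both at 128 bits, so the key-size rule alone would have passed them.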

chadwhitacre commented 9 years ago

I'm considering this blocked on Heroku for now.

chadwhitacre commented 9 years ago

Hello Chad, Unfortunately we don't have an exact ETA, we're waiting for an updated policy from AWS that disables RC4 but includes IE8 support. Hopefully we'll receive it and roll it out within the next couple of weeks. Thanks, -Platform Security

chadwhitacre commented 9 years ago

Amazon has another new security policy, which afaict drops ECDHE-RSA-RC4-SHA and RC4-SHA while adding back DES-CBC3-SHA—maybe that's the IE8 support Heroku was waiting for?

chadwhitacre commented 9 years ago

I'm still seeing sslyze report that ECDHE-RSA-RC4-SHA and RC4-SHA are accepted ciphers.

chadwhitacre commented 9 years ago

I've updated these Heroku threads:

chadwhitacre commented 9 years ago

We're working on pushing a change out soon to update to the latest Amazon TLS profile. We'll let you know when the new profile is updated on our end.

chadwhitacre commented 9 years ago

Done! :dancer:

chadwhitacre commented 9 years ago

https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fgratipay.com%2F&hideResults=on

[Image: screen shot 2015-03-24 at 9:45:57 pm]