search

isvsecwatch / httpstracker

Our main issue tracker for ISV security issues, such as the SSL/TLS configuration of their online stores.
3 stars 0 forks source link

gpg4win.org - main website #17

Closed kyhwana closed 9 years ago

kyhwana commented 9 years ago

gpg4win.org which has Windows GnuPG binaries has an untrusted cert: https://www.ssllabs.com/ssltest/analyze.html?d=gpg4win.org

Cert is untrusted, is using SHA1, uses RC4 and has weak DH parameters. It scores a T on SSLLABS. If the trust issues are ignored, it get's a B.

sindarina commented 9 years ago

Cipherscan Results

Target: gpg4win.org:443

prio  ciphersuite                  protocols              pfs_keysize
1     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits
2     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits
3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
4     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,1024bits
5     DHE-RSA-AES256-SHA256        TLSv1.2                DH,1024bits
6     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
7     DHE-RSA-CAMELLIA256-SHA      TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
8     AES256-GCM-SHA384            TLSv1.2
9     AES256-SHA256                TLSv1.2
10    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2
11    CAMELLIA256-SHA              TLSv1,TLSv1.1,TLSv1.2
12    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits
13    ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits
14    ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
15    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                DH,1024bits
16    DHE-RSA-AES128-SHA256        TLSv1.2                DH,1024bits
17    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
18    DHE-RSA-CAMELLIA128-SHA      TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
19    AES128-GCM-SHA256            TLSv1.2
20    AES128-SHA256                TLSv1.2
21    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2
22    CAMELLIA128-SHA              TLSv1,TLSv1.1,TLSv1.2
23    ECDHE-RSA-RC4-SHA            TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
24    ECDHE-RSA-DES-CBC3-SHA       TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
25    EDH-RSA-DES-CBC3-SHA         TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
26    DES-CBC3-SHA                 TLSv1,TLSv1.1,TLSv1.2

Certificate: UNTRUSTED, 2048 bit, sha1WithRSAEncryption signature
TLS ticket lifetime hint: 300
OCSP stapling: not supported
Client side cipher ordering

Cipherscan Results (Analysis)

gpg4win.org:443 has bad ssl/tls

Things that are bad:
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* don't use an untrusted or self-signed certificate

Changes needed to match the intermediate level:
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* consider using a SHA-256 certificate
* consider using DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering

Changes needed to match the modern level:
* remove cipher DHE-RSA-CAMELLIA256-SHA
* remove cipher AES256-GCM-SHA384
* remove cipher AES256-SHA256
* remove cipher AES256-SHA
* remove cipher CAMELLIA256-SHA
* remove cipher DHE-RSA-CAMELLIA128-SHA
* remove cipher AES128-GCM-SHA256
* remove cipher AES128-SHA256
* remove cipher AES128-SHA
* remove cipher CAMELLIA128-SHA
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* remove cipher DES-CBC3-SHA
* disable TLSv1
* use a SHA-256 certificate
* use DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering
sindarina commented 9 years ago

Notified 'intevation@intevation.de' via email, suggested that they fix this and switch to always-on HTTPS for the entire website, which would also include HSTS. Perhaps they will be more receptive than Werner Koch.

sindarina commented 9 years ago

No response, no change.

gpg4win.org:443 has bad ssl/tls

Things that are bad:
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* don't use an untrusted or self-signed certificate

Changes needed to match the intermediate level:
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* consider using a SHA-256 certificate
* consider using DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering

Changes needed to match the modern level:
* remove cipher DHE-RSA-CAMELLIA256-SHA
* remove cipher AES256-GCM-SHA384
* remove cipher AES256-SHA256
* remove cipher AES256-SHA
* remove cipher CAMELLIA256-SHA
* remove cipher DHE-RSA-CAMELLIA128-SHA
* remove cipher AES128-GCM-SHA256
* remove cipher AES128-SHA256
* remove cipher AES128-SHA
* remove cipher CAMELLIA128-SHA
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* remove cipher DES-CBC3-SHA
* disable TLSv1
* use a SHA-256 certificate
* use DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering
sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

Unlikely to be resolved, closing it as such.