jvehent closed this issue 5 years ago
Yeah, the shorter list is much better.
I can always send people to Server Side TLS 4.0 if they want even older systems.
I would not do that proactively. It's enough to answer any questions that arise.
Awesome, thanks! I’ll get this published tomorrow morning and then will publicize the changes on Monday. I really appreciate your feedback!
This has been merged and published. It's been a tough 2.5 year slog, but thanks to everyone's hard work we have finally gotten there. I really appreciate it.
@april why ecdsa and not ed25519?
see https://github.com/Neilpang/acme.sh/issues/2350#issuecomment-514218380
It's impossible to do so, that's why. There aren't any CAs that issue Ed25519 certificates.
Brainstorming issue for changes planned for v5 of the guidelines. A few things should be discussed:
Removing 3DES from the intermediate level. Data shows that TLSv1 DES-CBC3-SHA represents 2.8% of traffic on mozilla.org, a site designed to receive old traffic. I think we can start moving this forward.
Removing DHE from the intermediate level, and keeping only one non-PFS ciphersuite: AES128-SHA.
Removing RSA from the modern guidelines. ECDSA should be the norm and enough clients support it: Firefox 27, Chrome 30, Edge 12, IE 11, Safari 5, Opera 17, Android 4.4.2, OpenSSL 1.0.1h and Java 8b132
Adding X25519 to TLS curves on all levels. Maybe next year we'll have some certificate support 🙏
Removing secp521r1 from all TLS curves and certificates. It's never used and there's some concern about its security.
Requiring the use of certificate authorities that issue CT logs, on all levels. This is new, the phrasing needs work, as do the testing tools, but it's an important requirement that I think we should add.
I'm wondering if we should require short lived certs and key rotation. 90 days max for modern level, 2 years for intermediate. This is going to annoy people, but the security benefit is there to support it.
Anything else I forgot?
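The proposals in the issue body above, expressed as a configuration check. This is an added example, not code from the guidelines project or from anyone in the thread; it encodes only the brainstormed changes as listed, not the published v5 rules. The `Profile` structure, the `lint` function and both sample profiles are constructed for illustration.

```python
from dataclasses import dataclass

# Proposed maximum certificate lifetimes: 90 days (modern), 2 years (intermediate).
MAX_CERT_DAYS = {"modern": 90, "intermediate": 730}

@dataclass
class Profile:            # hypothetical structure for this example
    level: str            # "modern" or "intermediate"
    ciphers: list         # OpenSSL cipher suite names
    curves: list          # TLS key-exchange curves offered
    cert_key: str         # "ecdsa" or "rsa"
    cert_curve: str       # curve of an ECDSA certificate key, "" for RSA
    cert_days: int        # certificate validity period in days
    ct_logged: bool       # issuing CA submits to Certificate Transparency logs

def forward_secret(cipher):
    # TLS 1.3 suites (TLS_*) are always ephemeral; older names state the key exchange.
    return cipher.startswith(("TLS_", "ECDHE-", "DHE-"))

def lint(p):
    findings = []
    if p.level == "intermediate":
        # The issue lists cipher changes for the intermediate level only.
        for c in p.ciphers:
            if "DES-CBC3" in c:
                findings.append(f"3DES suite offered: {c}")
            elif c.startswith("DHE-"):
                findings.append(f"DHE suite offered: {c}")
            elif not forward_secret(c) and c != "AES128-SHA":
                findings.append(f"non-PFS suite other than AES128-SHA: {c}")
    if p.level == "modern" and p.cert_key != "ecdsa":
        findings.append("modern level expects an ECDSA certificate")
    if "X25519" not in p.curves:
        findings.append("X25519 missing from TLS curves")
    if "secp521r1" in p.curves or p.cert_curve == "secp521r1":
        findings.append("secp521r1 in use")
    if not p.ct_logged:
        findings.append("certificate authority does not log to CT")
    limit = MAX_CERT_DAYS[p.level]
    if p.cert_days > limit:
        findings.append(f"certificate lifetime {p.cert_days}d exceeds {limit}d")
    return findings

# Constructed sample profiles, not taken from any real server.
LEGACY_INTERMEDIATE = Profile("intermediate",
    ["ECDHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES128-SHA", "AES256-SHA",
     "DES-CBC3-SHA", "AES128-SHA"],
    ["prime256v1", "secp384r1", "secp521r1"], "rsa", "", 1095, False)
PROPOSED_MODERN = Profile("modern",
    ["TLS_AES_128_GCM_SHA256", "ECDHE-ECDSA-AES128-GCM-SHA256"],
    ["X25519", "prime256v1", "secp384r1"], "ecdsa", "prime256v1", 90, True)
```

Calling `lint(LEGACY_INTERMEDIATE)` returns one finding per proposal the profile misses, while `lint(PROPOSED_MODERN)` returns an empty list.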