[Pkg-openssl-devel] Bug#778747: Bug#778747: Bug#778747: openssl: RFC 7465 says RC4 is broken, never to be used

[Kurt Roeckx]

On Sat, Feb 21, 2015 at 12:38:01PM +0100, Vincent Bernat wrote:
>  ? 21 février 2015 10:49 +0100, Kurt Roeckx <kurt at roeckx.be> :
> 
> >> > Please note that RC4 in the default configuration should never be
> >> > negiotated by modern clients and servers.  The problem is
> >> > administrators who think they know better changed somethign not to
> >> > use the defaults.  If we adjust the defaults it's not going to fix
> >> > anything.
> >> 
> >> Many administrators don't use the defaults because the defaults are most
> >> of the time inappropriate for a web server. At some time, RC4 was widely
> >> advertised as the preferred cipher because it was immune to BEAST and
> >> supported by all browsers from IE6.
> >
> > The defaults are good enough, as long as you don't really care
> > about PFS because IE doesn't have those at the top of it's list.
> > If you just change it to prefer the default server ordering you
> > should already have a decent list, but it prefers AES256 over
> > AES128 while there is no need for that.
> 
> PFS, performances and A+ note on Qualys SSL test. This may be a bit less
> true today since most browsers are now supporting ECDHE ciphers but it
> still holds, I think.

Do you know what the minimum changes requirements are to get an
A(+)?
I'm guessing it requires at least this in wheezy:
- SSLProtocol all -SSLv3
- SSLHonorCipherOrder off

It might require you to disable RC4, but if that's the case we
should probably talk to Qualsys about it.

And in jessie the first shouldn't be needed.  If SSLv3 is enabled
you're capped to grade B.  If you negiotate RC4 with any of the
clients I can also understand the B.  And if you honor the cipher
order list of the client you will be capped to grade A- if you
have any suite that doesn't support PFS.


Kurt