gnupg website
Julien Vehent
julien at vehent.org
Thu Jan 26 20:15:57 CET 2017
Hello,
I'm the maintainer of the Server Side TLS guidelines at Mozilla. I'm
happy to help with the HTTPS setup of gnupg.org in any way I can.
Here's the configuration currently measured by the TLS Observatory,
along with some recommendations to reach Modern level.
--- Ciphers Evaluation ---
prio cipher             protocols             pfs         curves
1    DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
2    DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
3    DES-CBC3-SHA       TLSv1,TLSv1.1,TLSv1.2 None

OCSP Stapling        false
Server Side Ordering true
Curves Fallback      false
--- Analyzers ---
* Mozilla evaluation: intermediate
- for modern level: remove ciphersuites DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, DES-CBC3-SHA
- for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA256
- for modern level: remove protocols TLSv1, TLSv1.1
- for modern level: consider enabling OCSP stapling
- for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
- for modern level: use a certificate of type ecdsa, not RSA
Hope this helps,
Julien
On Thu 26.Jan'17 at 10:48:28 -0800, Glenn Rempe wrote:
> Werner, you (or anyone setting up a web server themselves really)
> might also find this config generator from Mozilla helpful as a
> shortcut in creating what is considered a modern web server config for
> TLS.
>
> https://mozilla.github.io/server-side-tls/ssl-config-generator/
>
> https://wiki.mozilla.org/Security/Server_Side_TLS
>
> This config may not apply to gnupg.org directly since it's not clear
> what web server you are running. In any case it will tell you which
> suites you are recommended to support for modern(ish) browsers.
>
> I would also note that there is room for improvement regarding the
> security headers that gnupg.org sends with its content.
>
> https://securityheaders.io/?q=gnupg.org&followRedirects=on
>
> You are using HSTS, which is generally very good, but in this case it
> forcibly breaks users' experience since it requires me to connect with
> TLS but that is not possible since you are not advertising a TLS suite
> that shares common ground with my browser (or millions of other
> potential visitors).
>
> Cheers.
>
> On 1/26/17 3:49 AM, Andrew Gallagher wrote:
> > On 26/01/17 00:16, Andrew Gallagher wrote:
> >>
> >> gnupg.org *does* keep 3DES at the end of the supported suites,
> >> so surely it should not be affected. I'm tempted to write this
> >> off as a mistake by ssllabs.
> >
> > I've spoken to ssllabs and it appears that this was an ambiguity
> > in the wording of their blog post. That means the downgrade to C
> > next month is legit - not because 3DES is present, but because 3DES
> > is present *and* GCM is absent.
> >
> > What both this and Glenn's Apple issue have in common is the lack
> > of ECDHE+GCM suites in the cipher list. I generally use the
> > following config in Apache:
> >
> > SSLCipherSuite \
> > "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
> > EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 \
> > EECDH EDH+AESGCM EDH+aRSA +3DES 3DES \
> > !aNULL !eNULL !LOW !EXP !MD5 !KRB5 !PSK !SRP !DSS !SEED !RC4"
> >
> > This uses all HIGH suites in a sensible order but still falls back
> > to 3DES for XP compatibility. When retiring 3DES this simplifies
> > to:
> >
> > SSLCipherSuite \
> > "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
> > EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 \
> > EECDH EDH+AESGCM EDH+aRSA !MEDIUM !LOW !aNULL !eNULL !PSK"
> >
> > Andrew.
> >
> >
> >
> > _______________________________________________ Gnupg-users
> > mailing list Gnupg-users at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> >
>
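
The findings discussed in this thread can be checked mechanically against an Observatory-style cipher table. The Python below is an added example, not part of the original message and not TLS Observatory code; the function names, the rule set (taken only from the recommendations and the SSL Labs condition quoted in the thread) and the `MODERN_SAMPLE` row are assumptions made for illustration.

```python
import re

# Cipher rows copied from the Observatory output quoted in the message above.
OBSERVED = """\
prio cipher protocols pfs curves
1 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
2 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
3 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None
"""
# Constructed sample: one suite from the "consider adding" list, TLSv1.2 only.
MODERN_SAMPLE = "1 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits\n"

LEGACY_PROTOCOLS = {"TLSv1", "TLSv1.1"}  # protocols the message says to remove
ROW = re.compile(r"\s*(\d+)\s+(\S+)\s+(\S+)\s+(\S+)")


def parse_rows(text):
    """Return [(cipher, protocols, pfs)] in priority order; header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # only lines that start with a numeric priority are data rows
            prio, cipher, protos, pfs = m.groups()
            rows.append((int(prio), cipher, set(protos.split(",")), pfs))
    return [r[1:] for r in sorted(rows, key=lambda r: r[0])]


def evaluate(text):
    """Flag the issues raised in the thread for an Observatory-style cipher table."""
    rows = parse_rows(text)
    ciphers = [c for c, _, _ in rows]
    aead = [c for c in ciphers if "GCM" in c or "CHACHA20" in c]
    triple_des = [c for c in ciphers if "DES-CBC3" in c]
    offered = set().union(*(p for _, p, _ in rows))
    return {
        "3des": triple_des,
        "no_pfs": [c for c, _, pfs in rows if pfs == "None"],
        "dhe": [c for c in ciphers if c.startswith("DHE-")],
        "legacy_protocols": sorted(offered & LEGACY_PROTOCOLS),
        "ecdhe_aead": [c for c in aead if c.startswith("ECDHE-")],
        # Condition reported in the thread for the SSL Labs downgrade:
        # 3DES present *and* GCM absent.
        "3des_without_gcm": bool(triple_des) and not any("GCM" in c for c in ciphers),
    }


if __name__ == "__main__":
    for name, table in (("observed", OBSERVED), ("modern sample", MODERN_SAMPLE)):
        print(name, evaluate(table))
```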