gnupg website

Glenn Rempe glenn at rempe.us
Mon Jan 30 07:54:27 CET 2017


Werner,

Is there a plan to take action on this TLS issue that Julien and I have
written about? I believe all Safari and iOS users are excluded from
gnupg.org without action on the TLS setup.

Cheers

On 1/26/17 11:15 AM, Julien Vehent wrote:
> Hello,
> 
> I'm the maintainer of the Server Side TLS guidelines at Mozilla.
> I'm happy to help with the HTTPS setup of gnupg.org in any way I
> can.
> 
> Here's the configuration currently measured by the TLS
> Observatory, along with some recommendations to reach Modern
> level.
> 
> --- Ciphers Evaluation ---
> prio cipher             protocols             pfs         curves
> 1    DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
> 2    DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,2048bits
> 3    DES-CBC3-SHA       TLSv1,TLSv1.1,TLSv1.2 None
> OCSP Stapling        false
> Server Side Ordering true
> Curves Fallback      false
> 
> --- Analyzers ---
> * Mozilla evaluation: intermediate
>   - for modern level: remove ciphersuites DHE-RSA-AES128-SHA,
>     DHE-RSA-AES256-SHA, DES-CBC3-SHA
>   - for modern level: consider adding ciphers
>     ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-GCM-SHA384,
>     ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305,
>     ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-GCM-SHA256,
>     ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA384,
>     ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA256
>   - for modern level: remove protocols TLSv1, TLSv1.1
>   - for modern level: consider enabling OCSP stapling
>   - for modern level: enable Perfect Forward Secrecy with a curve of
>     at least 256bits, don't use DHE
>   - for modern level: use a certificate of type ecdsa, not RSA
> 
> Hope this helps, Julien
> 
> On Thu 26.Jan'17 at 10:48:28 -0800, Glenn Rempe wrote:
>> Werner, you (or anyone setting up a web server themselves
>> really) might also find this config generator from Mozilla
>> helpful as a shortcut in creating what is considered a modern web
>> server config for TLS.
>> 
>> https://mozilla.github.io/server-side-tls/ssl-config-generator/
>> 
>> https://wiki.mozilla.org/Security/Server_Side_TLS
>> 
>> This config may not apply to gnupg.org directly since it's not
>> clear what web server you are running. In any case it will tell
>> you which suites you are recommended to support for modern(ish)
>> browsers.
>> 
>> I would also note that there is room for improvement regarding
>> the security headers that gnupg.org sends with its content.
>> 
>> https://securityheaders.io/?q=gnupg.org&followRedirects=on
>> 
>> You are using HSTS, which is generally very good, but in this
>> case it forcibly breaks the user experience since it requires me to
>> connect with TLS but that is not possible since you are not
>> advertising a TLS suite that shares common ground with my browser
>> (or millions of other potential visitors).
>> 
>> Cheers.
>> 
>> On 1/26/17 3:49 AM, Andrew Gallagher wrote:
>>> On 26/01/17 00:16, Andrew Gallagher wrote:
>>>> 
>>>> gnupg.org *does* keep 3DES at the end of the supported
>>>> suites, so surely it should not be affected. I'm tempted to
>>>> write this off as a mistake by ssllabs.
>>> 
>>> I've spoken to ssllabs and it appears that this was an
>>> ambiguity in the wording of their blog post. That means the
>>> downgrade to C next month is legit - not because 3DES is
>>> present, but because 3DES is present *and* GCM is absent.
>>> 
>>> What both this and Glenn's Apple issue have in common is the
>>> lack of ECDHE+GCM suites in the cipher list. I generally use
>>> the following config in Apache:
>>> 
>>> SSLCipherSuite \
>>> "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
>>> EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 \
>>> EECDH EDH+AESGCM EDH+aRSA +3DES 3DES \
>>> !aNULL !eNULL !LOW !EXP !MD5 !KRB5 !PSK !SRP !DSS !SEED !RC4"
>>> 
>>> This uses all HIGH suites in a sensible order but still falls
>>> back to 3DES for XP compatibility. When retiring 3DES this
>>> simplifies to:
>>> 
>>> SSLCipherSuite \
>>> "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
>>> EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 \
>>> EECDH EDH+AESGCM EDH+aRSA !MEDIUM !LOW !aNULL !eNULL !PSK"
>>> 
>>> Andrew.
>>> 
>>> 
>>> 
>>> _______________________________________________ Gnupg-users 
>>> mailing list Gnupg-users at gnupg.org 
>>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>>> 
>> 
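
Added example, not part of any message in this thread: a small audit of an ordered server cipher list for the two gaps raised above (no ECDHE+GCM suite; 3DES present while GCM is absent), plus a simplified negotiation showing why a client with no shared suite cannot connect at all once HSTS forbids plain HTTP. The server list and suggested suites are taken from the quoted Observatory output; the client offer is constructed for illustration and the function names are hypothetical.

```python
# Added example: audit an ordered server cipher list for the gaps discussed in the thread.
# Suite names are OpenSSL-style TLS 1.2 names; only ECDHE, DHE and static-RSA
# key exchange are distinguished (PSK/SRP/anonymous suites are out of scope).

# Server list, in server preference order, from the TLS Observatory output quoted above.
OBSERVED = ["DHE-RSA-AES128-SHA", "DHE-RSA-AES256-SHA", "DES-CBC3-SHA"]

# Suites the Observatory output suggests adding (first six, in the order quoted).
SUGGESTED = [
    "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256",
]

# Constructed client offer (assumption, not a capture from a real browser):
# a client that offers only ECDHE suites, no DHE and no 3DES.
ECDHE_ONLY_CLIENT = ["ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256",
                     "ECDHE-RSA-AES128-SHA256"]


def key_exchange(suite):
    """Return 'ECDHE', 'DHE' or 'RSA' (OpenSSL omits the prefix for static RSA)."""
    for kx in ("ECDHE", "DHE"):
        if suite.startswith(kx + "-"):
            return kx
    return "RSA"


def negotiate(server_suites, client_suites):
    """Pick the first server-preferred suite the client also offers, else None.
    Simplified: ignores protocol versions and certificate type."""
    offered = set(client_suites)
    return next((s for s in server_suites if s in offered), None)


def audit(server_suites):
    """Flag the conditions raised in the thread for one server cipher list."""
    has_3des = any("DES-CBC3" in s for s in server_suites)
    has_gcm = any("GCM" in s for s in server_suites)
    return {
        "ecdhe_gcm": any(key_exchange(s) == "ECDHE" and "GCM" in s for s in server_suites),
        "3des_without_gcm": has_3des and not has_gcm,
        "dhe": [s for s in server_suites if key_exchange(s) == "DHE"],
        "no_pfs": [s for s in server_suites if key_exchange(s) == "RSA"],
    }


if __name__ == "__main__":
    for name, suites in (("observed", OBSERVED), ("suggested", SUGGESTED)):
        print(name, audit(suites), "->", negotiate(suites, ECDHE_ONLY_CLIENT))
```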


