Support cipher / key-agreement preferences #1
Comments
|
After some thought and much discussion, this might be a bad idea. Most customers, administrators and so on do not have an in-depth understanding of SSL/TLS cipher suites; and so asking them to configure an order is a bit like passing the buck. It would be better if s2n chose sane defaults. Since library users must maintain good deployment practices for software bugs, it seems sensible to use this same process to handle updates in the "safe" cipher suites too. At the same time, users should be free to validate and test new defaults, as well as insulate themselves from change. To try to get both it's proposed that s2n support checkpointed defaults. What that means is:
|
colmmacc
added a commit
that referenced
this issue
Jun 29, 2015
This change moves the minimum protocol version into our versioned sets of cipher suite configurations. This means that users will be able keep a protocol version enabled, even if we disable it by default, if they choose to use an explicit version for configuration. Works towards #1 As a nice side-effect, this change also removes the dynamoc memory allocation for the cipher suite preferences and wire formats. If we disallow changing these, then it's safe to use the versions that are on the stack.
raycoll
added a commit
to raycoll/s2n
that referenced
this issue
Jun 3, 2016
Certain Java TLS clients have an implementation bug that causes poor performance with GCM based cipher suites[1]. In lieu of disabling GCM completely for these clients, let's add a new preference list with a CBC cipher aws#1(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA). The hope here is that most Java clients support that cipher and thus won't negotiate GCM. The downside is clients with reasonable GCM implementations will negotiate the CBC cipher and see lower performance. We should not make this the default preference list for s2n. Users of s2n should consider this preference list after determining that GCM is causing performance impact for clients. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1135504
raycoll
added a commit
to raycoll/s2n
that referenced
this issue
Jun 3, 2016
Certain Java TLS clients have an implementation bug that causes poor performance with GCM based cipher suites[1]. In lieu of disabling GCM completely for these clients, let's add a new preference list with a CBC cipher aws#1(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA). The hope here is that most Java clients support that cipher and thus won't negotiate GCM. The downside is clients with reasonable GCM implementations will negotiate the CBC cipher and see lower performance. We should not make this the default preference list for s2n. Users of s2n should consider this preference list after determining that GCM is causing performance impact for clients. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1135504
raycoll
added a commit
to raycoll/s2n
that referenced
this issue
Jun 7, 2016
Certain Java TLS clients have an implementation bug that causes poor performance with GCM based cipher suites[1]. In lieu of disabling GCM completely for these clients, let's add a new preference list with a CBC cipher aws#1(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA). The hope here is that most Java clients support that cipher and thus won't negotiate GCM. The downside is clients with reasonable GCM implementations will negotiate the CBC cipher and see lower performance. We should not make this the default preference list for s2n. Users of s2n should consider this preference list after determining that GCM is causing performance impact for clients. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1135504
swyang80
pushed a commit
to swyang80/s2n
that referenced
this issue
Apr 25, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
At present s2n has a single fixed ordering for cipher suites. These defaults should suit most users, but some flexibility is probably necessary.
Tentative proposal for an API:
The text was updated successfully, but these errors were encountered: