I'll say that I hate allowing configuration of security things like this, but so long as it's for letting admins kill old versions of TLS it'd be fine I guess. So long as we don't bundle any other sort of configuration of ciphers or preferred cipher order or other esoteric specifics in with this - way too many projects expose every weird security detail and give the user the ability to screw up the config and shoot themselves in the foot.
I wouldn't suggest making ciphers configurable, and TLS 1.3 uses completely different cipher names than 1.2 and earlier. There is a point that OpenSSL and with that nginx don't directly expose them because there are no insecure ciphers in 1.3. It shouldn't need configuration.
However, the reason I brought this up is that gotls enables 1.0/1.1, which are to some extent insecure (they use CBC modes only and HMAC-SHA1 and so on) by default and disabling this is quite valid, and should maybe even be the default.
As for ciphers with 1.2, gotls enables AES-CBC with 1.2, which is considered rather poor. Mozilla for example recommends even for their intermediate configuration to turn them off. In my opinion - feel free to disagree - that configuration should be roughly the default nowadays.
Go supports the following versions:
(tls.Config).MinVersion can be used to set the minimum version, which defaults to 1.0. Operators may want to increase this.
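
A sketch of what the thread converges on, as an added example that is not code from this project: a single minimum-version setting feeding (tls.Config).MinVersion, with the TLS 1.2 suite list fixed in code to non-CBC suites rather than exposed to operators. The setting name `tls_min_version`, the function names and the TLS 1.2 default for an empty value are assumptions of this example.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// parseMinVersion maps a hypothetical "tls_min_version" setting (an assumption of
// this example) to a crypto/tls constant; empty means TLS 1.2, unknown values fail.
func parseMinVersion(s string) (uint16, error) {
	switch strings.TrimSpace(s) {
	case "", "1.2":
		return tls.VersionTLS12, nil
	case "1.0":
		return tls.VersionTLS10, nil
	case "1.1":
		return tls.VersionTLS11, nil
	case "1.3":
		return tls.VersionTLS13, nil
	}
	return 0, fmt.Errorf("unsupported tls_min_version %q", s)
}

// aeadSuites lists the TLS 1.2 suites crypto/tls offers, minus every CBC suite.
func aeadSuites() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		for _, v := range cs.SupportedVersions {
			if v == tls.VersionTLS12 && !strings.Contains(cs.Name, "_CBC_") {
				ids = append(ids, cs.ID)
			}
		}
	}
	return ids
}

// serverTLSConfig builds the listener config from the one exposed setting.
func serverTLSConfig(minVersion string) (*tls.Config, error) {
	v, err := parseMinVersion(minVersion)
	if err != nil {
		return nil, err
	}
	return &tls.Config{MinVersion: v, CipherSuites: aeadSuites()}, nil
}

func main() {
	cfg, err := serverTLSConfig("1.2")
	fmt.Printf("min=%#x suites=%d err=%v\n", cfg.MinVersion, len(cfg.CipherSuites), err)
}
```

The CipherSuites field only affects TLS 1.0 to 1.2 handshakes; Go does not make the TLS 1.3 suites configurable.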