[gnutls-help] User-level visibility of GnuTLS security and tuning
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Dec 9 17:25:28 CET 2014
On Mon, Dec 8, 2014 at 7:49 PM, Ted Zlatanov <tzz at lifelogs.com> wrote:
> Some other browsers are discussing switching off "weak" encryption in
> one form or another. I don't think that's a good idea, because
> sometimes you want to visit web sites and don't care whether they use
> "good" encryption or not.
> But it might make sense to warn users that this is happening. Perhaps
> by default, perhaps only if they have switched to `high' security.
>
> Candidates for these warnings would be
>
> * low prime-bits used in the Diffie-Hellman handshake
> * SSL1, SSL2 and SSL3

If the code is gnutls, it only supports SSL 3.0 or later (btw, there
is no SSL 1.0). I'd warn on TLS 1.0 (inclusive, due to the BEAST attack)
and earlier.

> Can anybody think of anything else that's considered "weak" these days?
> Perhaps it might make sense to allow users to specify high-grained
> security policies?

I think a good approach is to define a few understandable policies.
Fedora for example provides LEGACY, DEFAULT and FUTURE. The idea is
that legacy would work with any server providing something better than
plaintext, default is a reasonable security level for today's metrics,
and future is a security level with the state-of-the-art encryption
requirements of today.
You may get inspired by the gnutls settings for them:
https://github.com/nmav/fedora-crypto-policies/tree/master/profiles
regards,
Nikos
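
Added example (not part of the original message, and not code from GnuTLS or from either poster): a small C routine that turns the negotiated protocol version and Diffie-Hellman prime size into warnings under three named policies, as discussed above. The enum names and all thresholds are illustrative assumptions, not the values in the Fedora profiles; in a real client the inputs would come from `gnutls_protocol_get_version()` and `gnutls_dh_get_prime_bits()` after the handshake.

```c
#include <stdio.h>

/* Hypothetical names for this example; a real client would map the
 * result of gnutls_protocol_get_version() onto this ordering. */
enum proto  { PROTO_SSL3, PROTO_TLS1_0, PROTO_TLS1_1, PROTO_TLS1_2 };
enum policy { POLICY_LEGACY, POLICY_DEFAULT, POLICY_FUTURE };

#define WARN_PROTOCOL 0x1u  /* negotiated version is below the policy floor */
#define WARN_DH_BITS  0x2u  /* DH prime is smaller than the policy floor */

struct policy_floor { enum proto min_proto; unsigned min_dh_bits; };

/* Thresholds are assumptions for illustration, NOT the Fedora values.
 * LEGACY accepts anything better than plaintext; DEFAULT follows the
 * thread's suggestion of warning on TLS 1.0 and earlier. */
static const struct policy_floor floors[] = {
    [POLICY_LEGACY]  = { PROTO_SSL3,   0    },
    [POLICY_DEFAULT] = { PROTO_TLS1_1, 2048 },
    [POLICY_FUTURE]  = { PROTO_TLS1_2, 3072 },
};

/* dh_bits == 0 means the key exchange did not use Diffie-Hellman. */
unsigned session_warnings(enum policy p, enum proto negotiated, unsigned dh_bits)
{
    unsigned w = 0;
    if (negotiated < floors[p].min_proto)
        w |= WARN_PROTOCOL;
    if (dh_bits != 0 && dh_bits < floors[p].min_dh_bits)
        w |= WARN_DH_BITS;
    return w;
}

int main(void)
{
    /* Constructed sample: a TLS 1.0 session with a 1024-bit DH prime. */
    static const char *names[] = { "LEGACY", "DEFAULT", "FUTURE" };
    for (int p = POLICY_LEGACY; p <= POLICY_FUTURE; p++) {
        unsigned w = session_warnings((enum policy)p, PROTO_TLS1_0, 1024);
        printf("%-7s:%s%s%s\n", names[p],
               (w & WARN_PROTOCOL) ? " weak-protocol" : "",
               (w & WARN_DH_BITS)  ? " weak-dh-prime" : "",
               w ? "" : " ok");
    }
    return 0;
}
```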