'Re: [openssl-users] Which protocols should my client support?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-users
Subject:    Re: [openssl-users] Which protocols should my client support?
From:       Viktor Dukhovni <openssl-users () dukhovni ! org>
Date:       2017-04-24 20:46:45
Message-ID: F0AC2464-86B0-42F1-80FF-5A5752F5F7C8 () dukhovni ! org
[Download RAW message or body]

> On Apr 24, 2017, at 4:04 PM, Salz, Rich via openssl-users \
> <openssl-users@openssl.org> wrote: 
> > My client is a custom application and as such only needs to communicate with \
> > specific servers for specific purposes.  I think it makes sense for my client to \
> > only support the specific protocol that my server will use, \
> > ECDHE-RSA-AES128-GCM-SHA256.  Does this sound reasonable or should I also include \
> > others as well?
> 
> I would suggest you include the three main ciphers defined in TLS 1.3, as that \
> represents the IETF's best thinking for now. AESGCM 128, 256 and ChaCha-poly.

A clean way to get there without being too explicit is:

	HIGH+kECDHE:!SHA:!COMPLEMENTOFDEFAULT 

With OpenSSL 1.1.0 this yields:

$ openssl ciphers -v 'HIGH+kECDHE:!aNULL:!SHA:!COMPLEMENTOFDEFAULT'
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) \
Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  \
Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     \
Au=ECDSA Enc=AESGCM(128) Mac=AEAD ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     \
Au=RSA  Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     \
Au=ECDSA Enc=AES(256)  Mac=SHA384 ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  \
Enc=AES(256)  Mac=SHA384 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA \
Enc=AES(128)  Mac=SHA256 ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  \
Enc=AES(128)  Mac=SHA256

With 1.0.2 you get:

$ openssl ciphers -v 'HIGH+kECDHE:!SHA:!COMPLEMENTOFDEFAULT'
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256

-- 
	Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[prev in list] [next in list] [prev in thread] [next in thread] 