Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0005906 [Resin] minor always 05-15-15 19:26 06-08-15 14:29
Reporter alex View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 4.0.43
Summary 0005906: support ciphers offering Forward Secrecy
Description rep by Nick Stephens,

Add support for Forward Secrecy:

test-tool: https://testssl.sh/ [^]

E.g. of Resin Output

 
--> Testing (perfect) forward secrecy, (P)FS -- omitting 3DES, RC4 and Null Encryption here

Not OK: No ciphers supporting Forward Secrecy offered


e.g. of Nginx output build on the same machine using the same certificates:

OK: PFS is offered. Client/browser support is important here. Offered PFS server ciphers follow...

Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits
-------------------------------------------------------------------------
 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH AESGCM 256
 xc028 ECDHE-RSA-AES256-SHA384 ECDH AES 256
 xc014 ECDHE-RSA-AES256-SHA ECDH AES 256
 xc027 ECDHE-RSA-AES128-SHA256 ECDH AES 128
 xc013 ECDHE-RSA-AES128-SHA ECDH AES 128
 xc011 ECDHE-RSA-RC4-SHA ECDH RC4 128


openssl/ciphersuite for Resin and Nginx set to the same:

ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-RC4-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-DES-CBC3-SHA EC\
DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-RC4-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA RC4-SHA RC4-MD5 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256\
-SHA256 AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA

Additional Information
Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
05-15-15 19:26 alex New Issue
05-18-15 09:09 nstephens Issue Monitored: nstephens
05-20-15 11:27 kwatson Issue Monitored: kwatson
06-08-15 14:29 ferg Assigned To  => ferg
06-08-15 14:29 ferg Status new => closed
06-08-15 14:29 ferg Resolution open => fixed
06-08-15 14:29 ferg Fixed in Version  => 4.0.45


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed.
27 unique queries executed.
Powered by Mantis Bugtracker