Hardening: TLS >= 1.2, limit cipher suites #43
cstsw wants to merge 1 commit into suyashkumar:master
In order to provide a reasonably secure TLS configuration, the following defaults have been set:
- Don't use TLS versions below 1.2 as those are vulnerable to attacks such as BEAST (CVE-2011-3389) and FREAK (CVE-2015-0204)
- Exclude ciphers known to be vulnerable, i.e. (3)DES, RC4, CBC ciphers

My suggestion for a reasonably secure TLS configuration in order to address #42
suyashkumar left a comment
Thank you so much for identifying and for the contribution! Just had a quick question I commented inline in the code.
| // Limit cipher suites available as of go 1.13 | ||
| // - List according to crypto/tls constants - in reverse order (i.e. prefer stronger over weaker ciphers) | ||
| // - Filtered out: RC4, (3)DES, CBC suites | ||
| tlsCfg.CipherSuites = []uint16{ |
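Review bot: The comment above `tlsCfg.CipherSuites` says the list is in an order that will "prefer stronger over weaker ciphers", but since Go 1.17 crypto/tls ignores the order of Config.CipherSuites and chooses the preference itself, so on current toolchains the ordering has no effect and the comment should say so or drop the claim. The list is also described as "available as of go 1.13" with no note on how it is kept current; suggest documenting that it must be reviewed on each Go upgrade, and that TLS 1.3 suites cannot be set through this field.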
Instead of specifying our own can we rely on the "safe default" list chosen by the Go authors? As vulnerabilities emerge, we may need to specify our own list or upgrade Go, but at the moment upgrading seems sufficient and limits complexity on our end?
It also appears in go1.18.3 the tls1.3 cipher suites are not settable, so do they need to be included? (As an aside, I'm going to send a PR to update the repo to go1.18.3, so we are up to date with default lists)
(just sent #44 to update go).
If we can just go with the safe default list, we can not specify this list but we can still specify the min tls version and go from there. wdyt?
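
The two options discussed in this thread, as an added example that is not code from this PR or repository: pin the minimum version to TLS 1.2, and either leave `CipherSuites` unset or derive the allow-list from the toolchain's own `tls.CipherSuites()` instead of hard-coding IDs. The helper names `isWeakName`, `filteredSuites` and `auditConfig` are hypothetical.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// isWeakName matches the families the PR filters out: RC4, (3)DES and CBC.
func isWeakName(name string) bool {
	return strings.Contains(name, "RC4") || strings.Contains(name, "3DES") ||
		strings.Contains(name, "CBC")
}

// filteredSuites derives a TLS 1.2 allow-list from the list shipped with the
// Go toolchain, so it tracks Go upgrades. TLS 1.3 suites are skipped because
// crypto/tls does not let callers configure them.
func filteredSuites() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		for _, v := range cs.SupportedVersions {
			if v == tls.VersionTLS12 && !isWeakName(cs.Name) {
				ids = append(ids, cs.ID)
			}
		}
	}
	return ids
}

// auditConfig reports settings that contradict the hardening goals of this PR.
func auditConfig(cfg *tls.Config) []string {
	var findings []string
	if cfg.MinVersion < tls.VersionTLS12 {
		findings = append(findings, "MinVersion is not pinned to TLS 1.2 or later")
	}
	for _, id := range cfg.CipherSuites {
		if name := tls.CipherSuiteName(id); isWeakName(name) {
			findings = append(findings, "weak suite configured: "+name)
		}
	}
	return findings
}

func main() {
	cfg := &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: filteredSuites()}
	fmt.Println(len(cfg.CipherSuites), "suites,", len(auditConfig(cfg)), "findings")
}
```

A config with `MinVersion: tls.VersionTLS12` and `CipherSuites` left nil also passes `auditConfig`, which corresponds to relying on the Go default list.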