[openssl-dev] Proposed cipher changes for post-1.0.2

[Daniel Kahn Gillmor]

On Tue 2015-02-10 16:15:36 -0500, Salz, Rich wrote:
> I would like to make the following changes in the cipher specs, in the master branch, which is planned for the next release after 1.0.2
>
> Anything that uses RC4 or MD5 what was in MEDIUM is now moved to LOW

yes, please!

> Anything that was 40-bit encryption is removed:
> /* Cipher 03 "EXP-RC4-MD5" removed */
> /* Cipher 06 "EXP-RC2-CBC-MD5" removed */
> /* Cipher 08 "EXP-DES-CBC-SHA" removed */
> /* Cipher 0B "EXP-DH-DSS-DES-CBC-SHA" removed */
> /* Cipher 0E "EXP-DH-RSA-DES-CBC-SHA" removed */
> /* Cipher 11 "EXP-DHE-DSS-DES-CBC-SHA" removed */
> /* Cipher 14 "EXP-DHE-RSA-DES-CBC-SHA" removed */
> /* Cipher 17 "EXP-ADH-RC4-MD5" removed */
> /* Cipher 19 "EXP-ADH-DES-CBC-SHA" removed */
> /* Cipher 26 "EXP-KRB5-DES-CBC-SHA" removed */
> /* Cipher 27 "EXP-KRB5-RC2-CBC-SHA" removed */
> /* Cipher 28 "EXP-KRB5-RC4-SHA" removed */
> /* Cipher 29 "EXP-KRB5-DES-CBC-MD5" removed */
> /* Cipher 2A "EXP-KRB5-RC2-CBC-MD5" removed */
> /* Cipher 2B "EXP-KRB5-RC4-MD5" removed */

when these are "removed", what will that do to a cipherstring that
specifies them by negation?

currently, this is an error:

0 dkg at alice:~$ openssl ciphers -v ALL:!NO-SUCH-CIPHER
bash: !NO-SUCH-CIPHER: event not found
0 dkg at alice:~$ 

i wouldn't want ALL:!EXP-DHE-DSS-DES-CBC-SHA to be an error, though.

> The value of DEFAULT changes to this:
>                 ALL:!LOW:!EXPORT:!aNULL:!eNULL
>
> The combination of the first and last changes means that anyone who wants or needs to use, say RC4 must explicitly say so.

This looks good to me.

Hanno wrote:

>   I'd further suggest to move everything that's not PFS&AEAD from HIGH
>   to MEDIUM.

I agree with this as well.  It sets the stage for TLS 1.3.

Thanks for pushing on this, Rich.

       --dkg