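[8] A value is a sequence of two bytes. Each value is assigned a name consisting of alphanumeric characters and _.
[16] 0x00,0x00 (TLS_NULL_WITH_NULL_NULL) is a special value that represents the initial state.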
[17] Valid values are assigned in the following ranges.
0x00,0x01-0x02: RFC 5246
0x00,0x06-0x16: RFC 4346, RFC 5246
0x00,0x19-0x1B: RFC 4346, RFC 5246
0x00,0x1E-0x1F: RFC 2712
0x00,0x21-0x23: RFC 2712
0x00,0x25-0x27: RFC 2712
0x00,0x29-0x2A: RFC 2712
0x00,0x2C-0x46: RFC 4785, RFC 5246, RFC 5932
0x00,0x67-0x6D: RFC 5246
0x00,0x84-0x89: RFC 5932
0x00,0x8B-0x8D: RFC 4279
0x00,0x8F-0x91: RFC 4279
0x00,0x93-0xC5: RFC 4162, RFC 4279, RFC 5288, RFC 5487, RFC 5932
0x00,0xFF: RFC 5746
0x56,0x00 = TLS_FALLBACK_SCSV: RFC 7507
0xC0,0x01-0xAF: RFC 4429, RFC 5054, RFC 5289, RFC 5489, RFC 6209, RFC 6347, RFC 6367, RFC 6655, RFC 7251
[18] The following values were once used but are no longer in use.
[9] Values whose first byte is 0xFF are for private use >>10, >>2.
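An added example (not part of the original page): it parses a length-prefixed cipher_suites vector, as carried in a TLS ClientHello, into 2-byte values and classifies each against items [16], [17] and [9] above. The function names, class labels and sample bytes are constructed for illustration, and the ranges are only the ones listed on this page, so registry entries added later come out as "not-listed".

```python
import struct

# (first byte, lowest second byte, highest second byte), copied from item [17].
ASSIGNED = [
    (0x00, 0x01, 0x02), (0x00, 0x06, 0x16), (0x00, 0x19, 0x1B),
    (0x00, 0x1E, 0x1F), (0x00, 0x21, 0x23), (0x00, 0x25, 0x27),
    (0x00, 0x29, 0x2A), (0x00, 0x2C, 0x46), (0x00, 0x67, 0x6D),
    (0x00, 0x84, 0x89), (0x00, 0x8B, 0x8D), (0x00, 0x8F, 0x91),
    (0x00, 0x93, 0xC5), (0x00, 0xFF, 0xFF), (0xC0, 0x01, 0xAF),
]

def classify(hi, lo):
    """Classify one 2-byte cipher suite value using this page's ranges."""
    if (hi, lo) == (0x00, 0x00):
        return "initial-state"        # TLS_NULL_WITH_NULL_NULL, item [16]
    if (hi, lo) == (0x56, 0x00):
        return "TLS_FALLBACK_SCSV"    # item [17]
    if hi == 0xFF:
        return "private-use"          # item [9]
    if any(hi == b and first <= lo <= last for b, first, last in ASSIGNED):
        return "assigned"
    return "not-listed"               # outside every range on this page

def parse_cipher_suites(vector):
    """Parse a 2-byte-length-prefixed vector; return [(value, class), ...]."""
    if len(vector) < 2:
        raise ValueError("missing 2-byte length prefix")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:]
    if length != len(body) or length % 2:
        raise ValueError("length prefix does not match an even-sized body")
    out = []
    for i in range(0, length, 2):
        hi, lo = body[i], body[i + 1]
        out.append(("0x%02X,0x%02X" % (hi, lo), classify(hi, lo)))
    return out

# Constructed sample: length 0x000C followed by six 2-byte values.
SAMPLE = bytes.fromhex("000c" "c02f" "002f" "5600" "ff01" "0000" "0003")

if __name__ == "__main__":
    for value, kind in parse_cipher_suites(SAMPLE):
        print(value, kind)
```

A peer offering "initial-state", "private-use" or "not-listed" values is worth a second look when reviewing captured handshakes.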
[7] Unless the application specifies otherwise, TLS_RSA_WITH_AES_128_CBC_SHA must be implemented >>6.
[23] HTTP/2 defines a blacklist >>22.
[31] See also the following items.
[48] Gnutls support · Issue #321 · mozilla/ssl-config-generator, https://github.com/mozilla/ssl-config-generator/issues/321
[49] Exim with GnuTLS · Issue #115 · mozilla/ssl-config-generator, https://github.com/mozilla/ssl-config-generator/issues/115
[1] Cipher suite - Wikipedia, the free encyclopedia, http://en.wikipedia.org/wiki/Cipher_suite
[3] Security/Server Side TLS - MozillaWiki, https://wiki.mozilla.org/Security/Server_Side_TLS
[4] ciphers - SSL cipher display and cipher list tool., https://www.openssl.org/docs/apps/ciphers.html
[5] jvehent/cipherscan, https://github.com/jvehent/cipherscan
[20] SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties, https://www.openssl.org/docs/ssl/SSL_CIPHER_get_name.html
[21] ciphers - SSL cipher display and cipher list tool., https://www.openssl.org/docs/apps/ciphers.html
[25] jvehent/tlsnames, https://github.com/jvehent/tlsnames
[26] jvehent/tlsnames, https://github.com/jvehent/tlsnames
[29] RFC 7525 - Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS), https://tools.ietf.org/html/rfc7525#section-4
When this document speaks of [Definition: Strong TLS algorithms], then the following must hold:
No version of the TLS protocol that suffers known security flaws has been negotiated. At the point of writing of this document, versions of SSL prior to SSLv3 [SSLv3] MUST NOT be considered strong.
A cipher suite has been selected for which key and algorithm strengths correspond to industry practice. At the time of writing of this document, the "export" cipher suites explicitly forbidden in appendix A.5 of [TLSv11] MUST NOT be considered strong.
[32] 1121706 – Firefox 35.0 security.ssl3 Problem - Unable to connect to Google, https://bugzilla.mozilla.org/show_bug.cgi?id=1121706
[33] Issue 442572 - chromium - Disable AES-256-CBC modes by default - An open-source project to help move the web forward. - Google Project Hosting, https://code.google.com/p/chromium/issues/detail?id=442572
[34] 1113974 – Disable AES-256-CBC modes by default, https://bugzilla.mozilla.org/show_bug.cgi?id=1113974
[35] 1084554 – Implement TLS 1.2 DHE AES-GCM cipher suites, https://bugzilla.mozilla.org/show_bug.cgi?id=1084554
[37] What cipher suites does CloudFlare use for SSL? – CloudFlare Support, https://support.cloudflare.com/hc/en-us/articles/200933580-What-cipher-suites-does-CloudFlare-use-for-SSL-
[38] API Deprecations and Removals in Chrome 53 | Web Updates - Google Developers, https://developers.google.com/web/updates/2016/08/chrome-53-deprecations#dhe-based-ciphers-being-phased-out
The security checks require that the TLS protocol is at least TLSv1.2 and that none of the ciphers listed in RFC 7540, Appendix A is used. These checks will be extended once new security requirements come into place.
The name stems from the Security/Server Side TLS definitions at mozilla where "modern compatibility" is defined. Mozilla Firefox and other browsers require modern compatibility for HTTP/2 connections. As everything in OpSec, this is a moving target and can be expected to evolve in the future.
[40] Editorial: spell cypher as cipher (by foolip), https://github.com/whatwg/fetch/commit/0b6c2b170be77ba1f889a7ff25b7e181f5dc1524
[41] Editorial: spell cypher as cipher by foolip · Pull Request #649 · whatwg/fetch, https://github.com/whatwg/fetch/pull/649
[42] Editorial: spell cyphertext ciphertext (by annevk), https://github.com/whatwg/html/commit/81656488e77d37b177ffd27272cddb36416e226e
[43] Editorial: spell cyphertext ciphertext by annevk · Pull Request #3307 · whatwg/html, https://github.com/whatwg/html/pull/3307
[44] SSL ciphers, https://curl.haxx.se/docs/ssl-ciphers.html
[45] curl - How To Use, https://curl.haxx.se/docs/manpage.html#--proxy-ciphers
TLS connections must support at least one of the following supported cipher suites:
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES256-SHA
AES128-GCM-SHA256
AES256-GCM-SHA384
TLS connections must support at least one of the following supported cipher suites:
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384