Ciphersuite

Ciphersuite

仕様書

[8] 値は、2バイトの列です。各値には英数字と _ で構成される名前が割り振られています。

[16] 0x00,0x00 (TLS_NULL_WITH_NULL_NULL) は初期状態を表す特別な値です。

[17] 次の範囲には有効な値が割り振られています。

[19] しかしこのうちのいくつかは安全ではなく使うべきではないとされています。

[18] 次の値はかつて使われていましたが、現在では使われていません。

[9] 第1バイト 0xFF は、私用です >>10, >>2

[7] アプリケーションにより別途規定が無い限り、 TLS_RSA_WITH_AES_128_CBC_SHA を実装しなければなりません >>6

[11] IANA登録簿 >>2 があります >>10

[23] HTTP/2 はブラックリストを規定しています >>22

[31] 次の各項も参照。

メモ

[1] Cipher suite - Wikipedia, the free encyclopedia ( 版) http://en.wikipedia.org/wiki/Cipher_suite

[3] Security/Server Side TLS - MozillaWiki ( 版) https://wiki.mozilla.org/Security/Server_Side_TLS

[4] ciphers - SSL cipher display and cipher list tool. ( 版) https://www.openssl.org/docs/apps/ciphers.html

[5] jvehent/cipherscan ( 版) https://github.com/jvehent/cipherscan

[20] SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties ( 版) https://www.openssl.org/docs/ssl/SSL_CIPHER_get_name.html

[21] ciphers - SSL cipher display and cipher list tool. ( 版) https://www.openssl.org/docs/apps/ciphers.html

[25] jvehent/tlsnames ( 版) https://github.com/jvehent/tlsnames

[26] jvehent/tlsnames ( 版) https://github.com/jvehent/tlsnames

[29] RFC 7525 - Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) ( 版) https://tools.ietf.org/html/rfc7525#section-4

[30] Web Security Context: User Interface Guidelines ( 版) http://www.w3.org/TR/wsc-ui/#typesoftls

When this document speaks of [Definition: Strong TLS algorithms], then the following must hold:

No version of the TLS protocol that suffers known security flaws has been negotiated. At the point of writing of this document, versions of SSL prior to SSLv3 [SSLv3] MUST NOT be considered strong.

A cipher suite has been selected for which key and algorithm strengths correspond to industry practice. At the time of writing of this document, the "export" cipher suites explicitly forbidden in appendix A.5 of [TLSv11] MUST NOT be considered strong.

[32] 1121706 – Firefox 35.0 security.ssl3 Problem - Unable to connect to Google ( 版) https://bugzilla.mozilla.org/show_bug.cgi?id=1121706

[33] Issue 442572 - chromium - Disable AES-256-CBC modes by default - An open-source project to help move the web forward. - Google Project Hosting ( 版) https://code.google.com/p/chromium/issues/detail?id=442572

[34] 1113974 – Disable AES-256-CBC modes by default ( 版) https://bugzilla.mozilla.org/show_bug.cgi?id=1113974

[35] 1084554 – Implement TLS 1.2 DHE AES-GCM cipher suites ( 版) https://bugzilla.mozilla.org/show_bug.cgi?id=1084554

[37] What cipher suites does CloudFlare use for SSL? – CloudFlare Support ( 版) https://support.cloudflare.com/hc/en-us/articles/200933580-What-cipher-suites-does-CloudFlare-use-for-SSL-

[38] API Deprecations and Removals in Chrome 53 | Web Updates - Google Developers ( ()) https://developers.google.com/web/updates/2016/08/chrome-53-deprecations#dhe-based-ciphers-being-phased-out

[39] mod_http2 - Apache HTTP Server Version 2.4 ( ()) https://httpd.apache.org/docs/2.4/mod/mod_http2.html#H2ModernTLSOnly

The security checks require that the TSL protocol is at least TLSv1.2 and that none of the ciphers listed in RFC 7540, Appendix A is used. These checks will be extended once new security requirements come into place.

The name stems from the Security/Server Side TLS definitions at mozilla where "modern compatibility" is defined. Mozilla Firefox and other browsers require modern compatibility for HTTP/2 connections. As everything in OpSec, this is a moving target and can be expected to evolve in the future.

[40] Editorial: spell cypher as cipher (foolip著, ) https://github.com/whatwg/fetch/commit/0b6c2b170be77ba1f889a7ff25b7e181f5dc1524

[41] Editorial: spell cypher as cipher by foolip · Pull Request #649 · whatwg/fetch () https://github.com/whatwg/fetch/pull/649

[42] Editorial: spell cyphertext ciphertext (annevk著, ) https://github.com/whatwg/html/commit/81656488e77d37b177ffd27272cddb36416e226e

[43] Editorial: spell cyphertext ciphertext by annevk · Pull Request #3307 · whatwg/html () https://github.com/whatwg/html/pull/3307

[44] SSL ciphers, , https://curl.haxx.se/docs/ssl-ciphers.html

[45] curl - How To Use, , https://curl.haxx.se/docs/manpage.html#--proxy-ciphers

[46] Deprecating TLS v1.0 and v1.1 | Slack (Slack, ) https://api.slack.com/changelog/2019-07-deprecate-early-tls-versions#what

TLS connections must support at least one of the following supported cipher suites:

ECDHE-RSA-AES128-GCM-SHA256

ECDHE-RSA-AES256-GCM-SHA384

ECDHE-RSA-AES128-SHA

ECDHE-RSA-AES256-SHA

AES128-GCM-SHA256

AES256-GCM-SHA384

[47] Using the Slack Web API | Slack (Slack, ) https://api.slack.com/web#ssl

TLS connections must support at least one of the following supported cipher suites:

ECDHE-RSA-AES128-GCM-SHA256

ECDHE-RSA-AES256-GCM-SHA384

ECDHE-RSA-AES128-SHA256

ECDHE-RSA-AES256-SHA384