FreeIPA currently configures 389 with nsSSL3Ciphers: +all, allowing the use of insecure ciphers when connecting to 389.
nsSSL3Ciphers: +all
It could be changed to nsSSL3Ciphers: default, which is a more secure (and maintained) default set of ciphers (available since 389 v1.3.3).
nsSSL3Ciphers: default
See https://fedorahosted.org/389/ticket/47838 and http://directory.fedoraproject.org/docs/389ds/design/nss-cipher-design.html for more info.
Original RFE that introduced the cipher suite: #4395 (FreeIPA 4.0.3).
We have also this configuration,
allowWeakCipher: off
shouldn't this turn off weak ciphers?
According to http://directory.fedoraproject.org/docs/389ds/design/nss-cipher-design.html default provides less suites than +all but weak
Current cipher list on F23:
$ rpm -qa nss 389-ds-base nss-3.22.2-1.0.fc23.x86_64 389-ds-base-1.3.4.5-1.fc23.x86_64 $ sslscan HOST:636 | grep Accept Accepted TLSv1 256 bits ECDHE-RSA-AES256-SHA Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLSv1 256 bits AES256-SHA Accepted TLSv1 256 bits CAMELLIA256-SHA Accepted TLSv1 128 bits ECDHE-RSA-AES128-SHA Accepted TLSv1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1 128 bits DHE-RSA-CAMELLIA128-SHA Accepted TLSv1 128 bits AES128-SHA Accepted TLSv1 128 bits SEED-SHA Accepted TLSv1 128 bits CAMELLIA128-SHA Accepted TLS11 256 bits ECDHE-RSA-AES256-SHA Accepted TLS11 256 bits DHE-RSA-AES256-SHA Accepted TLS11 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLS11 256 bits AES256-SHA Accepted TLS11 256 bits CAMELLIA256-SHA Accepted TLS11 128 bits ECDHE-RSA-AES128-SHA Accepted TLS11 128 bits DHE-RSA-AES128-SHA Accepted TLS11 128 bits DHE-RSA-CAMELLIA128-SHA Accepted TLS11 128 bits AES128-SHA Accepted TLS11 128 bits SEED-SHA Accepted TLS11 128 bits CAMELLIA128-SHA Accepted TLS12 256 bits ECDHE-RSA-AES256-SHA Accepted TLS12 256 bits DHE-RSA-AES256-SHA256 Accepted TLS12 256 bits DHE-RSA-AES256-SHA Accepted TLS12 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLS12 256 bits AES256-SHA256 Accepted TLS12 256 bits AES256-SHA Accepted TLS12 256 bits CAMELLIA256-SHA Accepted TLS12 128 bits ECDHE-RSA-AES128-GCM-SHA256 Accepted TLS12 128 bits ECDHE-RSA-AES128-SHA256 Accepted TLS12 128 bits ECDHE-RSA-AES128-SHA Accepted TLS12 128 bits DHE-RSA-AES128-GCM-SHA256 Accepted TLS12 128 bits DHE-RSA-AES128-SHA256 Accepted TLS12 128 bits DHE-RSA-AES128-SHA Accepted TLS12 128 bits DHE-RSA-CAMELLIA128-SHA Accepted TLS12 128 bits AES128-GCM-SHA256 Accepted TLS12 128 bits AES128-SHA256 Accepted TLS12 128 bits AES128-SHA Accepted TLS12 128 bits SEED-SHA Accepted TLS12 128 bits CAMELLIA128-SHA
Except for CAMELLIA and SEED it doesn't look that bad.
With 'nsSSL3Ciphers: default':
Accepted TLSv1 256 bits ECDHE-RSA-AES256-SHA Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1 256 bits AES256-SHA Accepted TLSv1 128 bits ECDHE-RSA-AES128-SHA Accepted TLSv1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1 128 bits AES128-SHA Accepted TLS11 256 bits ECDHE-RSA-AES256-SHA Accepted TLS11 256 bits DHE-RSA-AES256-SHA Accepted TLS11 256 bits AES256-SHA Accepted TLS11 128 bits ECDHE-RSA-AES128-SHA Accepted TLS11 128 bits DHE-RSA-AES128-SHA Accepted TLS11 128 bits AES128-SHA Accepted TLS12 256 bits ECDHE-RSA-AES256-SHA Accepted TLS12 256 bits DHE-RSA-AES256-SHA256 Accepted TLS12 256 bits DHE-RSA-AES256-SHA Accepted TLS12 256 bits AES256-SHA256 Accepted TLS12 256 bits AES256-SHA Accepted TLS12 128 bits ECDHE-RSA-AES128-GCM-SHA256 Accepted TLS12 128 bits ECDHE-RSA-AES128-SHA256 Accepted TLS12 128 bits ECDHE-RSA-AES128-SHA Accepted TLS12 128 bits DHE-RSA-AES128-GCM-SHA256 Accepted TLS12 128 bits DHE-RSA-AES128-SHA256 Accepted TLS12 128 bits DHE-RSA-AES128-SHA Accepted TLS12 128 bits AES128-GCM-SHA256 Accepted TLS12 128 bits AES128-SHA256 Accepted TLS12 128 bits AES128-SHA
We would prefer if you used nsSSL3Ciphers: default. We try to keep these as strong secure defaults. That's why there are less in the list than "all but weak".
It also means you (ipa project) don't need to worry about updating them as much, as we will take care of it on the DS side.
master:
ipa-4-3:
No test required on ipa side.
Metadata Update from @ftweedal: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.3.1
Login to comment on this ticket.