|
|
Log in / Subscribe / Register

suggestion for webserver administrators.

suggestion for webserver administrators.

Posted Jul 25, 2013 16:43 UTC (Thu) by Richard_J_Neill (subscriber, #23093)
In reply to: suggestion for webserver administrators. by jeff_marshall
Parent article: Feds put heat on Web firms for master encryption keys (CNET)

I may have caused some confusion here. My understanding is that:

On Apache 2.2, we had a choice between two evils, either ciphers which have forward secrecy (but which are vulnerable to BEAST), or which are immune to BEAST but sacrifice forward-secrecy. The latter is the Apache-2.2 configuration (at least on Ubuntu).

This one is secure, but requires Apache 2.4
ECDHE-RSA-AES128-SHA256

To answer your question, I think the answer is "no" - at least, experimentally, and using the ssllabs test-suite.

to post comments

suggestion for webserver administrators.

Posted Jul 25, 2013 18:38 UTC (Thu) by jeff_marshall (subscriber, #49255) [Link]

Thanks for the clarification. I think my confusion stemmed from your use of "cipher" vs. "cipher suite"( i.e., ECHDE is a cipher, ECDHE-RSA-AES128-SHA256 is a cipher suite).

Ultimately, the problem appears to stem from the choices of which ciphers are grouped into suites in the SSL/TLS standards- many of the suites either pick a key agreement scheme without forward secrecy or a block cipher + mode vulnerable to BEAST.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds