Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Are these Cipher_Suites still updated? #4

Open
mdantonio opened this issue Jul 13, 2020 · 4 comments
Open

Are these Cipher_Suites still updated? #4

mdantonio opened this issue Jul 13, 2020 · 4 comments

Comments

@mdantonio
Copy link

Hello,
I was looking at:
https://wiki.mozilla.org/Security/Cipher_Suites

and noticed that the table was last updated in May 2019

I tried to execute the tsl-table script by myself but I got an error:

$ python3 tls-table.py mediawiki --colorize

Retrieving IANA cipher List
Retrieving NSS cipher list
  Warning: code point 0x00,0x66 (TLS_DHE_DSS_WITH_RC4_128_SHA) not in IANA registry
  Warning: code point 0x00,0x62 (TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA) not in IANA registry
  Warning: code point 0x00,0x64 (TLS_RSA_EXPORT1024_WITH_RC4_56_SHA) not in IANA registry
  Warning: code point 0x00,0x63 (TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA) not in IANA registry
  Warning: code point 0x00,0x65 (TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA) not in IANA registry
Retrieving OpenSSL cipher list
Unable to retrieve or parse OpenSSL cipher list
Retrieving GnuTLS cipher list
  Warning: code point 0x00,0x66 (TLS_DHE_DSS_ARCFOUR_128_SHA1) not in IANA registry
  Warning: code point 0xc1,0x02 (TLS_GOSTR341112_256_28147_CNT_IMIT) not in IANA registry


Retrieving cipher suites from Mozilla Server Side TLS page
Traceback (most recent call last):
  File "tls-table.py", line 259, in <module>
    get_colorize_chart()
  File "tls-table.py", line 68, in get_colorize_chart
    'Modern': get_colorize_chart_openssl_ciphers(recommendations[0]),
IndexError: list index out of range

Is this script still supported?
Can the wiki table still be considered updated? or can it be updated?

Many thanks for your support!
@noraj
Copy link

noraj commented Apr 22, 2021

I think yes, eg IANA was updated on 2021-04-02

tls-table/tls-table.py

Line 13 in 169f749

IANA_URL = 'http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml'

GNUTLS and OPENSSL are fetched form master branches so they should be updated.

tls-table/tls-table.py

Line 12 in 169f749

GNUTLS_URL = 'https://gitlab.com/gnutls/gnutls/raw/master/lib/algorithms/ciphersuites.c'

tls-table/tls-table.py

Line 16 in 169f749

OPENSSL_URL = 'https://raw.githubusercontent.com/openssl/openssl/master/include/openssl/tls1.h'

@mdantonio
Copy link
Author

Ok... thank you
Unfortunately the page at https://wiki.mozilla.org/Security/Cipher_Suites is not updated since the last two years and the script does not work for me

@noraj
Copy link

noraj commented May 8, 2021

Ok... thank you
Unfortunately the page at https://wiki.mozilla.org/Security/Cipher_Suites is not updated since the last two years and the script does not work for me

You can see with #5 that TLS table is not working in it's actual state. I made a new tool called TLS map that you cloud use and will work to get up to date values.

@janbrasna janbrasna mentioned this issue Dec 22, 2023
Open
@janbrasna
Copy link

The page https://wiki.mozilla.org/Security/Cipher_Suites is currently being updated manually, see:

@janbrasna janbrasna mentioned this issue Mar 14, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@janbrasna @mdantonio @noraj