-
Notifications
You must be signed in to change notification settings - Fork 60
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
awselb 2014.2.19, intermediate config supports weak DH parameters #84
Comments
Yeah, there's not a ton I can do there. Thankfully it's pretty unlikely for DHE to be selected for almost any client these days. Do you have any suggestions? |
We could use a different set of cipher suites for Classic Load Balancers. For example, for Application Load Balancers, we use the |
Yes, but I don't think it's necessarily great to have a completely different set of cipher suites for just one specific server. ELB is different in that it doesn't give you a choice, but it otherwise makes it incredibly hard to support and be correct with what clients are supported. Keep in mind that DHE is already only going to be negotiated for IE11 Clients on Windows 7, so it's a pretty small group, and assuming Amazon frequently rotates DH parameters, it's unlikely to be a significant problem. I would be fine adding a note to the ALB config to indicate that AWS uses weak DH paramaters. |
For example, you can see that the HTTP Observatory backend is using this ALB: And only IE11 negotiated this. |
I’m also concerned with the perception of this configuration. If one configures their Classic Load Balancer with the intermediate config, they might be surprised and feel uncomfortable with receiving a warning on SSL Labs (which also caps the grade to B). How about using the exact same cipher suites as the |
Well there's manually maintained list of ciphers for ssl-config-generator/src/js/configs.js Line 31 in 454a235
so a quick hack might be just removing the DHE values intentionally if we know they only use short keys, and they won't be matched for output then… (but that would kill them off for both intermediate AND old which is probably not the ideal outcome:/…)
BTW the available cipher list hasn't been updated in a while, too. It'd be great if anyone could check the current output of
if there's any change. |
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
The AWS announcement 3061 also mentioned:
Nonetheless I wasn't able to find any further reference if that key size update really happened and what is in use today. I will look into adding a comment to the output, mentioning possible short keys and a hint to remove DHE lines if the kind of compatibility is not necessary for given consumer.
Oh the issue is ELBs don't support those policies at all, see the list: https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html#tls-protocols |
As far as I understand, this is only the list of predefined security policies. You can always create a custom security policy. Could we create a custom policy that uses the same cipher suites as the |
I'm not sure they support the same cipher suites to construct the equivalent policy (we're now on @sonicdoe Would you mind running BTW if anyone has some ELB instance available, configured with moz |
The awselb 2014.2.19, intermediate config supports weak Diffie-Hellman (DH) key exchange parameters, capping the Qualys SSL Labs grade to B.
As far as I know, Classic Load Balancers always use 1024-bit keys and Amazon Web Services instead recommends disabling DHE cipher suites. See Announcement: Announcing ELB security update to disable Diffie-Hellman key agreement from May 2015.
The text was updated successfully, but these errors were encountered: