[WEB SECURITY] SSL Server Options - Ciphers
Hector
sant9442 at gmail.com
Sun Jul 5 00:39:25 EDT 2009
Folks,
For our web server, with a reported customer PCI compliance requirement,
along with increasing support questions regarding SSLv3-only support,
the issue has made us relook at the web server SSL options.
My question has to do with better understanding the various SSL (openssl)
options, to best present them and provide customers the new "best"
security setting out of the box.
Currently, we provide two GUI options:
Cipher:       ALL:!ADH:RC4+RSA:+SSLv3:@STRENGTH (default)
Verify Level: None (default)
              Peer
              Fail if No Peer Certificate
Although not in the GUI, the operator can manually set the SSL Protocol
(version) option in the config file:
SSLProtocol = 0 to 3
where the values are:
# define SRV_SSL_V23 0 (default)
# define SRV_SSL_V2 1
# define SRV_SSL_V3 2
# define SRV_SSL_TLS1 3
So in this case, for the customer who needs to be PCI compliant, we suggested
using:
SSLProtocol=2
Cipher: ALL:!ADH:RC4+RSA:+SSLv3:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH
Now, in my internal testing with openssl s_client -ssl2 -connect
host:443, and with IE and Firefox by forcing them to [X] Use SSLv2
only, the testing seemed to work: no successful SSL negotiation or
connection was made.
However, in the last report received on Friday from the customer, he
indicated the PCI auditor rescan failed with the new server settings.
So I have been trying to make sense of the ciphers and researching how
others have addressed this.
I guess the issue is that the cipher is not correct. It needs to reduce the
ciphers, correct? I am going to have him try other statements. Does
anyone have a suggestion for this openssl cipher statement for PCI
compliance?
The next question is about making it easier for customers by having them
select the SSL Protocol level, which will by default be associated with a
predefined set of ciphers while still allowing them to alter it from the
default cipher set if required.
Does that make sense from a security standpoint? Should I even allow
SSLv2 and/or TLSv1?
Thanks
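Whether a cipher string such as the ones above passes a scan comes down to which suites it actually selects, and the only reliable way to see that is to expand it with the same OpenSSL build the server links. Two properties of OpenSSL cipher-string syntax matter here: `ALL` means every suite except the null-encryption ones, so it includes the export (`EXP`) and low-strength (`LOW`) suites, and `+SSLv3` only moves the matching suites to the end of the list rather than removing anything. The script below is an added example, not code from the original post or from the product it describes. It parses the `openssl ciphers -v` listing (the name / protocol / `Kx=` / `Au=` / `Enc=` / `Mac=` / optional `export` format that 0.9.8-era builds print) and flags SSLv2 suites, export-grade and sub-128-bit ciphers, null encryption and anonymous key exchange. The sample lines are constructed to exercise each of those classes, not captured from the poster's server; the 128-bit threshold, the `audit_cipher_string` and `server_accepts` helpers, and the policy itself are this example's assumptions and should be adjusted to what the auditor actually applies.

```python
"""Classify the suites an OpenSSL cipher string selects.

Added example, not code from the original post or its product. It parses the
`openssl ciphers -v` listing (0.9.8-era format: name, protocol, Kx=, Au=,
Enc=, Mac=, optional trailing 'export') and reports suites that fail a
simple policy. The policy thresholds are this example's own assumptions.
"""
import re
import subprocess
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample lines (not captured from any real server), chosen to
# exercise every class the policy must recognise.
SAMPLE_CIPHERS_V = """\
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
"""

MIN_BITS = 128  # assumption: smallest symmetric key size the policy accepts


@dataclass
class Suite:
    name: str
    protocol: str
    kx: str
    au: str
    enc: str      # cipher algorithm; "None" for null encryption
    bits: int     # key size in bits; 0 for null encryption
    mac: str
    export: bool


_KV = re.compile(r"(\w+)=(\S+)")
_ENC = re.compile(r"^([A-Za-z0-9-]+)(?:\((\d+)\))?$")


def parse_ciphers_v(text: str) -> List[Suite]:
    """Parse `openssl ciphers -v` output into Suite records."""
    suites = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 6:          # blank or unexpected line
            continue
        fields = dict(_KV.findall(line))
        m = _ENC.match(fields.get("Enc", ""))
        if not m:
            raise ValueError(f"unrecognised Enc field in: {line!r}")
        suites.append(Suite(
            name=tokens[0], protocol=tokens[1],
            kx=fields.get("Kx", ""), au=fields.get("Au", ""),
            enc=m.group(1), bits=int(m.group(2) or 0),
            mac=fields.get("Mac", ""), export=tokens[-1] == "export",
        ))
    return suites


def weaknesses(s: Suite) -> List[str]:
    """Reasons a suite fails the policy; an empty list means acceptable."""
    reasons = []
    if s.protocol == "SSLv2":
        reasons.append("SSLv2 suite")
    if s.export:
        reasons.append("export-grade")
    if s.au == "None":
        reasons.append("anonymous key exchange (no server authentication)")
    if s.enc == "None":
        reasons.append("no encryption")
    elif s.bits < MIN_BITS:
        reasons.append(f"{s.bits}-bit cipher (< {MIN_BITS})")
    return reasons


def audit(text: str) -> Dict[str, List[str]]:
    """Map each failing suite name to its list of reasons."""
    result = {}
    for s in parse_ciphers_v(text):
        r = weaknesses(s)
        if r:
            result[s.name] = r
    return result


def audit_cipher_string(cipher_string: str) -> Dict[str, List[str]]:
    """Expand a cipher string with the local openssl and audit the result.
    Needs openssl in PATH; the expansion depends on the build, so run it
    with the one the server actually links."""
    out = subprocess.run(["openssl", "ciphers", "-v", cipher_string],
                         capture_output=True, text=True, check=True).stdout
    return audit(out)


def server_accepts(host: str, port: int, protocol_flag: str) -> bool:
    """Probe a live server the way the poster did: True if a handshake
    completes with the given s_client flag ("-ssl2", "-ssl3", "-tls1").
    Builds that no longer know the flag print nothing and yield False."""
    proc = subprocess.run(
        ["openssl", "s_client", "-connect", f"{host}:{port}", protocol_flag],
        input="", capture_output=True, text=True)
    return "Cipher is " in proc.stdout and "Cipher is (NONE)" not in proc.stdout


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_CIPHERS_V).items():
        print(f"{name:24} {'; '.join(reasons)}")
```

Running the script prints the six constructed suites that fail the policy; calling `audit_cipher_string("ALL:!ADH:RC4+RSA:+SSLv3:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH")` on the server's own OpenSSL shows what that string leaves enabled there, which is the list to compare against the auditor's findings before changing the string again.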
----------------------------------------------------------------------------
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/