Closed Bug 1248760 Opened 9 years ago Closed 8 years ago

Determine DNS names and TLS requirements

Categories

(Release Engineering Graveyard :: Applications: Balrog (backend), defect)

Product:
Release Engineering Graveyard
Component:
Applications: Balrog (backend)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mostlygeek, Unassigned)

References

Details

From the onboarding meeting it was determined that there several DNS endpoints used for the updater service (aus.mozilla.org, aus1.m.o, aus2.m.o, ... aus5.m.o). These are baked in and shipped as part of a Firefox release. There are also cert pinning requirements for these DNS endpoints.
A bit more information about the DNS names: - aus.mozilla.org - Redirects to www.mozilla.org. No TLS, HTTP only service. - aus1.mozilla.org - does not resolve - aus2.mozilla.org - https only, 301's to https://aus4.mozilla.org - aus3.mozilla.org - https only, normal service, Thawte SSL cert - aus4.mozilla.org - http redir to http, https service, DigiCert cert - aus5.mozilla.org - http redir to http, https service, Digicert cert
$ tlsobs aus3.mozilla.org Scanning aus3.mozilla.org (id 12111975) Retrieving cached results from 20m35.197806025s ago. To run a new scan, use '-r'. --- Certificate --- Subject C=US, O=Mozilla Foundation, OU=Automatic Update System, CN=aus3.mozilla.org SubjectAlternativeName - aus3.mozilla.org Issuer C=US, O=Thawte, Inc., CN=Thawte SSL CA Validity 2013-09-09T00:00:00Z to 2017-09-08T23:59:59Z CA false SHA1 F5E289911D7931A92D7B7C9FCF483296C5C10140 SHA256 655713C0267B80027773260B7FD46C5CA8BA255B7D401165E9028AE81B868D08 SigAlg SHA1WithRSA --- Ciphers Evaluation --- prio cipher protocols pfs curves 1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits 8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits 9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits 10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits 11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 12 AES128-GCM-SHA256 TLSv1.2 None 13 AES256-GCM-SHA384 TLSv1.2 None 14 AES128-SHA256 TLSv1.2 None 15 AES256-SHA256 TLSv1.2 None 16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None OCSP Stapling true Server Side Ordering true Curves Fallback false --- Analyzers --- * Mozilla evaluation: old - for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA - for old level: add protocols SSLv3 - for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384 - for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA - for old level: fix ciphersuite ordering, use recommended old ciphersuite - for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption - for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA - for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits - for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512 - for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA - for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256 - for modern level: remove protocols TLSv1, TLSv1.1 - for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE - oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
$ tlsobs aus4.mozilla.org Scanning aus4.mozilla.org (id 12111976) Retrieving cached results from 21m40.889715776s ago. To run a new scan, use '-r'. --- Certificate --- Subject C=US, O=Mozilla Foundation, CN=aus4.mozilla.org SubjectAlternativeName - aus4.mozilla.org Issuer C=US, O=DigiCert Inc, CN=DigiCert Secure Server CA Validity 2015-09-09T00:00:00Z to 2018-12-07T12:00:00Z CA false SHA1 A1EA95E56132B5EB8C57D0E95391A9515BEB7D61 SHA256 680A8F892E76076F6D1C0B03F96D648B324D52DCAAB04E0EED0E93CEA281D6FD SigAlg SHA1WithRSA --- Ciphers Evaluation --- prio cipher protocols pfs curves 1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits 8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits 9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits 10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits 11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 12 AES128-GCM-SHA256 TLSv1.2 None 13 AES256-GCM-SHA384 TLSv1.2 None 14 AES128-SHA256 TLSv1.2 None 15 AES256-SHA256 TLSv1.2 None 16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None OCSP Stapling true Server Side Ordering true Curves Fallback false --- Analyzers --- * Mozilla evaluation: old - for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA - for old level: add protocols SSLv3 - for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384 - for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA - for old level: fix ciphersuite ordering, use recommended old ciphersuite - for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption - for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA - for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits - for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512 - for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA - for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256 - for modern level: remove protocols TLSv1, TLSv1.1 - for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE - oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
$ tlsobs aus5.mozilla.org Scanning aus5.mozilla.org (id 12111977) --- Certificate --- Subject C=US, O=Mozilla Foundation, CN=aus5.mozilla.org SubjectAlternativeName - aus5.mozilla.org Issuer C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA Validity 2015-07-24T00:00:00Z to 2017-07-28T12:00:00Z CA false SHA1 D0F3B33D6D7A7C5221CDC8C44401BD31112315F4 SHA256 60E8E2E092BDC3B69CE260D6A52F90FD6368768600F911A22EE9F1B8833ABEEA SigAlg SHA256WithRSA ...................................................................................... --- Ciphers Evaluation --- prio cipher protocols pfs curves 1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits 8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits 9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits 10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits 11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 12 AES128-GCM-SHA256 TLSv1.2 None 13 AES256-GCM-SHA384 TLSv1.2 None 14 AES128-SHA256 TLSv1.2 None 15 AES256-SHA256 TLSv1.2 None 16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None OCSP Stapling true Server Side Ordering true Curves Fallback false --- Analyzers --- * Mozilla evaluation: bad - for old level: sha256WithRSAEncryption is not an old certificate signature, use sha1WithRSAEncryption - for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA - for old level: add protocols SSLv3 - for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA - for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits - for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA - for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256 - for modern level: remove protocols TLSv1, TLSv1.1 - for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
According to the source code[1], we have several options for aus4/5 in AWS. so no concerns about getting the appropriate cert. aus3 we will need to determine if: - how much traffic does it get? - what are the pinning requirements, it's not listed in the source[1] - what should we do with it? [1] https://mxr.mozilla.org/mozilla-central/source/security/manager/tools/PreloadedHPKPins.json#217
Depends on: 1179339
$tlsobs aus2.mozilla.org Scanning aus2.mozilla.org (id 12112047) Retrieving cached results from 7h29m53.158760845s ago. To run a new scan, use '-r'. --- Certificate --- Subject C=US, O=Mozilla Foundation, CN=aus2.mozilla.org SubjectAlternativeName - aus2.mozilla.org Issuer C=US, O=DigiCert Inc, CN=DigiCert Secure Server CA Validity 2013-11-14T00:00:00Z to 2016-04-27T12:00:00Z CA false SHA1 08638F4A2E67C8CD7188457B06863309CC16DD2A SHA256 53117C7CB544A117A8F7412835E1C5051CDA28BFE7B98E0D8BDA7A6269EEF2D9 SigAlg SHA1WithRSA --- Ciphers Evaluation --- prio cipher protocols pfs curves 1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1 7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits 8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits 9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits 10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits 11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits 12 AES128-GCM-SHA256 TLSv1.2 None 13 AES256-GCM-SHA384 TLSv1.2 None 14 AES128-SHA256 TLSv1.2 None 15 AES256-SHA256 TLSv1.2 None 16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None OCSP Stapling true Server Side Ordering true Curves Fallback false --- Analyzers --- * Mozilla evaluation: old - for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA - for old level: add protocols SSLv3 - for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384 - for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA - for old level: fix ciphersuite ordering, use recommended old ciphersuite - for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption - for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA - for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits - for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512 - for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA - for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256 - for modern level: remove protocols TLSv1, TLSv1.1 - for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE - oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
Keeping in mind that AUS servers are only access by NSS clients, we can safely aim for the intermediate configuration: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
Do you know which ELB security policy[1] the intermediate recommendation is similar to? http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-options.html
Flags: needinfo?(jvehent)
We can go with the latest: 2015-05. It has TLSv1 to 1.2 and all the ciphers with need.
Flags: needinfo?(jvehent)
I wrote up a doc on all of the domains that Balrog currently serves, including the applications that use each one and the SSL pinning requirements: https://wiki.mozilla.org/Balrog/Clients I'm waiting for a couple of people to review it, but I'm pretty sure it's correct already. Looks like comment #1 is all correct.
Working on the proxy for aus3 => aus5. From Ben's client doc, aus3 is used for FF4 => FF35. :ulfr any recommendations on the ELB policy [1] we should use to support these clients? [1] http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html
Flags: needinfo?(jvehent)
Same as the others: 2015-05. We've supported AES and TLSv1 since Firefox 1.
Flags: needinfo?(jvehent)
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Product: Release Engineering → Release Engineering Graveyard
You need to log in before you can comment on or make changes to this bug.