Closed
Bug 1248760
Opened 9 years ago
Closed 8 years ago
Determine DNS names and TLS requirements
Categories
(Release Engineering Graveyard :: Applications: Balrog (backend), defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mostlygeek, Unassigned)
From the onboarding meeting it was determined that there are several DNS endpoints used for the updater service (aus.mozilla.org, aus1.m.o, aus2.m.o, ... aus5.m.o). These are baked in and shipped as part of a Firefox release.
There are also cert pinning requirements for these DNS endpoints.
Reporter
Comment 1•9 years ago
A bit more information about the DNS names:
- aus.mozilla.org - Redirects to www.mozilla.org. No TLS, HTTP only service.
- aus1.mozilla.org - does not resolve
- aus2.mozilla.org - https only, 301's to https://aus4.mozilla.org
- aus3.mozilla.org - https only, normal service, Thawte SSL cert
- aus4.mozilla.org - http redir to http, https service, DigiCert cert
- aus5.mozilla.org - http redir to http, https service, DigiCert cert
Reporter
Comment 2•9 years ago
$ tlsobs aus3.mozilla.org
Scanning aus3.mozilla.org (id 12111975)
Retrieving cached results from 20m35.197806025s ago. To run a new scan, use '-r'.
--- Certificate ---
Subject C=US, O=Mozilla Foundation, OU=Automatic Update System, CN=aus3.mozilla.org
SubjectAlternativeName
- aus3.mozilla.org
Issuer C=US, O=Thawte, Inc., CN=Thawte SSL CA
Validity 2013-09-09T00:00:00Z to 2017-09-08T23:59:59Z
CA false
SHA1 F5E289911D7931A92D7B7C9FCF483296C5C10140
SHA256 655713C0267B80027773260B7FD46C5CA8BA255B7D401165E9028AE81B868D08
SigAlg SHA1WithRSA
--- Ciphers Evaluation ---
prio cipher protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits
9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits
11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
12 AES128-GCM-SHA256 TLSv1.2 None
13 AES256-GCM-SHA384 TLSv1.2 None
14 AES128-SHA256 TLSv1.2 None
15 AES256-SHA256 TLSv1.2 None
16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None
OCSP Stapling true
Server Side Ordering true
Curves Fallback false
--- Analyzers ---
* Mozilla evaluation: old
- for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA
- for old level: add protocols SSLv3
- for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384
- for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA
- for old level: fix ciphersuite ordering, use recommended old ciphersuite
- for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption
- for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA
- for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits
- for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512
- for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA
- for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256
- for modern level: remove protocols TLSv1, TLSv1.1
- for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
- oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
Reporter
Comment 3•9 years ago
$ tlsobs aus4.mozilla.org
Scanning aus4.mozilla.org (id 12111976)
Retrieving cached results from 21m40.889715776s ago. To run a new scan, use '-r'.
--- Certificate ---
Subject C=US, O=Mozilla Foundation, CN=aus4.mozilla.org
SubjectAlternativeName
- aus4.mozilla.org
Issuer C=US, O=DigiCert Inc, CN=DigiCert Secure Server CA
Validity 2015-09-09T00:00:00Z to 2018-12-07T12:00:00Z
CA false
SHA1 A1EA95E56132B5EB8C57D0E95391A9515BEB7D61
SHA256 680A8F892E76076F6D1C0B03F96D648B324D52DCAAB04E0EED0E93CEA281D6FD
SigAlg SHA1WithRSA
--- Ciphers Evaluation ---
prio cipher protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits
9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits
11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
12 AES128-GCM-SHA256 TLSv1.2 None
13 AES256-GCM-SHA384 TLSv1.2 None
14 AES128-SHA256 TLSv1.2 None
15 AES256-SHA256 TLSv1.2 None
16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None
OCSP Stapling true
Server Side Ordering true
Curves Fallback false
--- Analyzers ---
* Mozilla evaluation: old
- for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA
- for old level: add protocols SSLv3
- for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384
- for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA
- for old level: fix ciphersuite ordering, use recommended old ciphersuite
- for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption
- for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA
- for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits
- for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512
- for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA
- for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256
- for modern level: remove protocols TLSv1, TLSv1.1
- for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
- oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
Reporter
Comment 4•9 years ago
$ tlsobs aus5.mozilla.org
Scanning aus5.mozilla.org (id 12111977)
--- Certificate ---
Subject C=US, O=Mozilla Foundation, CN=aus5.mozilla.org
SubjectAlternativeName
- aus5.mozilla.org
Issuer C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA
Validity 2015-07-24T00:00:00Z to 2017-07-28T12:00:00Z
CA false
SHA1 D0F3B33D6D7A7C5221CDC8C44401BD31112315F4
SHA256 60E8E2E092BDC3B69CE260D6A52F90FD6368768600F911A22EE9F1B8833ABEEA
SigAlg SHA256WithRSA
......................................................................................
--- Ciphers Evaluation ---
prio cipher protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits
9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits
11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
12 AES128-GCM-SHA256 TLSv1.2 None
13 AES256-GCM-SHA384 TLSv1.2 None
14 AES128-SHA256 TLSv1.2 None
15 AES256-SHA256 TLSv1.2 None
16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None
OCSP Stapling true
Server Side Ordering true
Curves Fallback false
--- Analyzers ---
* Mozilla evaluation: bad
- for old level: sha256WithRSAEncryption is not an old certificate signature, use sha1WithRSAEncryption
- for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA
- for old level: add protocols SSLv3
- for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA
- for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits
- for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA
- for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256
- for modern level: remove protocols TLSv1, TLSv1.1
- for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
Reporter
Comment 5•9 years ago
According to the source code[1], we have several options for aus4/5 in AWS, so no concerns about getting the appropriate cert.
For aus3 we will need to determine:
- how much traffic does it get?
- what are the pinning requirements? It's not listed in the source[1]
- what should we do with it?
[1] https://mxr.mozilla.org/mozilla-central/source/security/manager/tools/PreloadedHPKPins.json#217
Reporter
Comment 6•9 years ago
$ tlsobs aus2.mozilla.org
Scanning aus2.mozilla.org (id 12112047)
Retrieving cached results from 7h29m53.158760845s ago. To run a new scan, use '-r'.
--- Certificate ---
Subject C=US, O=Mozilla Foundation, CN=aus2.mozilla.org
SubjectAlternativeName
- aus2.mozilla.org
Issuer C=US, O=DigiCert Inc, CN=DigiCert Secure Server CA
Validity 2013-11-14T00:00:00Z to 2016-04-27T12:00:00Z
CA false
SHA1 08638F4A2E67C8CD7188457B06863309CC16DD2A
SHA256 53117C7CB544A117A8F7412835E1C5051CDA28BFE7B98E0D8BDA7A6269EEF2D9
SigAlg SHA1WithRSA
--- Ciphers Evaluation ---
prio cipher protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
4 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
6 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
8 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits
9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
10 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits
11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
12 AES128-GCM-SHA256 TLSv1.2 None
13 AES256-GCM-SHA384 TLSv1.2 None
14 AES128-SHA256 TLSv1.2 None
15 AES256-SHA256 TLSv1.2 None
16 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 None
OCSP Stapling true
Server Side Ordering true
Curves Fallback false
--- Analyzers ---
* Mozilla evaluation: old
- for old level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, DHE-DSS-AES128-GCM-SHA256, DHE-DSS-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA256, DHE-DSS-AES256-SHA, DHE-RSA-AES256-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA, DHE-DSS-AES256-SHA256, DHE-DSS-AES128-SHA, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-CAMELLIA256-SHA384, ECDHE-ECDSA-CAMELLIA256-SHA384, DHE-RSA-CAMELLIA256-SHA256, DHE-DSS-CAMELLIA256-SHA256, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, CAMELLIA256-SHA256, CAMELLIA256-SHA, ECDHE-RSA-CAMELLIA128-SHA256, ECDHE-ECDSA-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA256, DHE-DSS-CAMELLIA128-SHA256, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, CAMELLIA128-SHA256, CAMELLIA128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, SEED-SHA
- for old level: add protocols SSLv3
- for old level: increase priority of ECDHE-RSA-AES128-SHA over ECDHE-RSA-AES256-SHA384
- for old level: increase priority of DHE-RSA-AES128-GCM-SHA256 over ECDHE-RSA-AES256-SHA
- for old level: fix ciphersuite ordering, use recommended old ciphersuite
- for intermediate level: sha1WithRSAEncryption is not an intermediate certificate signature, use sha256WithRSAEncryption
- for intermediate level: consider adding ciphers ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA, DHE-RSA-AES128-SHA, DHE-RSA-AES256-SHA, ECDHE-ECDSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, AES128-SHA, AES256-SHA
- for intermediate level: use DHE of at least 2048bits and ECC of at least 256bits
- for modern level: sha1WithRSAEncryption is not a modern certificate signature, use sha256WithRSAEncryption or ecdsa-with-SHA256 or ecdsa-with-SHA384 or ecdsa-with-SHA512
- for modern level: remove ciphersuites ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-SHA256, EDH-RSA-DES-CBC3-SHA, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256, DES-CBC3-SHA
- for modern level: consider adding ciphers ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-CHACHA20-POLY1305, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-ECDSA-AES128-SHA256
- for modern level: remove protocols TLSv1, TLSv1.1
- for modern level: enable Perfect Forward Secrecy with a curve of at least 256bits, don't use DHE
- oldest clients: Firefox 1, Chrome 1, Windows XP IE 6, Opera 4, Safari 1, Java 6
Comment 7•9 years ago
Keeping in mind that AUS servers are only accessed by NSS clients, we can safely aim for the intermediate configuration: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
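An added example, not part of the bug comments and not tlsobs code: a Python check that parses the text layout of the scan output quoted above and reports the two intermediate-level findings the analyzer lists for these hosts (SHA-1 certificate signature, DHE below 2048 bits). The function names are hypothetical and the sample is a trimmed excerpt of the aus4 scan.

```python
import re

# Trimmed excerpt of the aus4.mozilla.org scan quoted in this bug (sample input).
SAMPLE_SCAN = """\
--- Certificate ---
Subject C=US, O=Mozilla Foundation, CN=aus4.mozilla.org
SigAlg SHA1WithRSA
--- Ciphers Evaluation ---
prio cipher protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
5 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1,secp384r1,secp521r1
7 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
11 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
12 AES128-GCM-SHA256 TLSv1.2 None
OCSP Stapling true
"""

MIN_DH_BITS = 2048   # analyzer: "use DHE of at least 2048bits"
MIN_ECC_BITS = 256   # analyzer: "... and ECC of at least 256bits"

# prio, cipher, protocols, pfs, optional curves column
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)(?:\s+(\S+))?$")


def parse_scan(text):
    """Return (certificate SigAlg, list of cipher rows) from tlsobs-style text."""
    sigalg, ciphers, in_ciphers = None, [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("SigAlg"):
            sigalg = line.split(None, 1)[1]
        elif line.startswith("--- "):
            in_ciphers = line == "--- Ciphers Evaluation ---"
        elif in_ciphers:
            m = ROW.match(line)  # header and trailer lines do not start with a digit
            if m:
                prio, name, protos, pfs, _curves = m.groups()
                ciphers.append({"prio": int(prio), "cipher": name,
                                "protocols": protos.split(","), "pfs": pfs})
    return sigalg, ciphers


def pfs_params(pfs):
    """'DH,1024bits' -> ('DH', 1024); 'ECDH,P-256,256bits' -> ('ECDH', 256)."""
    if pfs == "None":
        return None, 0
    parts = pfs.split(",")
    return parts[0], int(re.sub(r"\D", "", parts[-1]))


def intermediate_findings(text):
    """List deviations from the two intermediate-level rules named above."""
    sigalg, ciphers = parse_scan(text)
    findings = []
    if sigalg and sigalg.upper().startswith("SHA1"):
        findings.append(f"certificate signature {sigalg} is SHA-1")
    for c in ciphers:
        kind, bits = pfs_params(c["pfs"])
        if kind == "DH" and bits < MIN_DH_BITS:
            findings.append(f"prio {c['prio']} {c['cipher']}: DH {bits} bits < {MIN_DH_BITS}")
        elif kind == "ECDH" and bits < MIN_ECC_BITS:
            findings.append(f"prio {c['prio']} {c['cipher']}: ECDH {bits} bits < {MIN_ECC_BITS}")
    return findings


if __name__ == "__main__":
    for finding in intermediate_findings(SAMPLE_SCAN):
        print(finding)
```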
Reporter
Comment 8•9 years ago
Do you know which ELB security policy[1] the intermediate recommendation is similar to?
[1] http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-options.html
Flags: needinfo?(jvehent)
Comment 9•9 years ago
We can go with the latest: 2015-05. It has TLSv1 to 1.2 and all the ciphers we need.
Flags: needinfo?(jvehent)
Comment 10•9 years ago
I wrote up a doc on all of the domains that Balrog currently serves, including the applications that use each one and the SSL pinning requirements: https://wiki.mozilla.org/Balrog/Clients
I'm waiting for a couple of people to review it, but I'm pretty sure it's correct already. Looks like comment #1 is all correct.
Reporter
Comment 11•9 years ago
Working on the proxy for aus3 => aus5. From Ben's client doc, aus3 is used for FF4 => FF35.
:ulfr any recommendations on the ELB policy [1] we should use to support these clients?
[1] http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html
Flags: needinfo?(jvehent)
Comment 12•9 years ago
Same as the others: 2015-05. We've supported AES and TLSv1 since Firefox 1.
Flags: needinfo?(jvehent)
Reporter
Updated•8 years ago
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Updated•5 years ago
Product: Release Engineering → Release Engineering Graveyard