Libravatar (obsolete)

Make use of the Mozilla recommended ciphersuite

Bug #1250650 reported by François Marier on 2013-11-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Libravatar (obsolete)	Fix Released	Medium	François Marier

Bug Description

We should harmonize our TLS configurations and switch to the one recommended by Mozilla:

https://wiki.mozilla.org/Security/Server_Side_TLS#Apache

For reference, this is the recommended config:

    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
    SSLHonorCipherOrder on
    SSLCompression off

Tags:

François Marier (fmarier) on 2014-01-02

Changed in libravatar:
status:	Confirmed → Fix Committed

François Marier (fmarier) on 2014-01-02

Changed in libravatar:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.