From 5a2f750c53a7336c184fa3cc4181ac3a243cf875 Mon Sep 17 00:00:00 2001
From: Ewout van Mansom
Date: Fri, 30 Nov 2018 12:12:02 +0100
Subject: [PATCH] Add note explaining secure eleptic curve situation for modern TLS profile preset (#209)
---
 h5bp/ssl/policy_modern.conf | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/h5bp/ssl/policy_modern.conf b/h5bp/ssl/policy_modern.conf
index 0a7768e..baec3b7 100644
--- a/h5bp/ssl/policy_modern.conf
+++ b/h5bp/ssl/policy_modern.conf
@@ -9,10 +9,16 @@
 # errors with old clients.
 # If a more compatible profile is required, use intermediate policy.
 #
+# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known
+# to be weak and potentially vulnerable but are required to support
+# Microsoft Edge and Safari.
+# https://safecurves.cr.yp.to/
+#
 # https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
 # https://nginx.org/en/docs/http/ngx_http_ssl_module.html
 
 ssl_protocols TLSv1.2;
 ssl_ciphers EECDH+CHACHA20:EECDH+AES;
+# (1)
 ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
 ssl_prefer_server_ciphers on;
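Review bot: The added comment's wording "known to be weak and potentially vulnerable" overstates what the linked SafeCurves page argues: its criticisms of the NIST curves concern parameter rigidity and how hard the curves are to implement safely, and no practical break of prime256v1, secp384r1 or secp521r1 is publicly known. An operator reading the note as written may conclude the fallback curves are broken and remove them, which would lock out clients that lack X25519. I would reword it to `# (1) The NIST curves (prime256v1, secp384r1, secp521r1) fail several SafeCurves criteria, but no practical attack is known;` followed by `# they are listed after X25519 only for clients that lack it, such as Microsoft Edge and Safari.` It may also be worth confirming that all three curves are needed for those browsers, since nothing in the hunk shows which curve each client negotiates.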