From 86d8ed33ca709c78a83a82d2207ca16b162fbd95 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?L=C3=A9o=20Colombaro?= <git@colombaro.fr>
Date: Sun, 2 Dec 2018 12:47:06 +0100
Subject: [PATCH] Improve SSL directives declarations, order and descriptions

---
 h5bp/ssl/policy_intermediate.conf |  5 ++--
 h5bp/ssl/policy_modern.conf       |  4 +--
 h5bp/ssl/ssl_engine.conf          | 50 +++++++++++++++++++------------
 3 files changed, 35 insertions(+), 24 deletions(-)

diff --git a/h5bp/ssl/policy_intermediate.conf b/h5bp/ssl/policy_intermediate.conf
index 633622c..3032565 100644
--- a/h5bp/ssl/policy_intermediate.conf
+++ b/h5bp/ssl/policy_intermediate.conf
@@ -17,6 +17,5 @@
 # https://nginx.org/en/docs/http/ngx_http_ssl_module.html
 
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
-ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
-ssl_prefer_server_ciphers on;
+ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA;
+ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
diff --git a/h5bp/ssl/policy_modern.conf b/h5bp/ssl/policy_modern.conf
index baec3b7..4073313 100644
--- a/h5bp/ssl/policy_modern.conf
+++ b/h5bp/ssl/policy_modern.conf
@@ -19,6 +19,6 @@
 
 ssl_protocols TLSv1.2;
 ssl_ciphers EECDH+CHACHA20:EECDH+AES;
+
 # (1)
-ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
-ssl_prefer_server_ciphers on;
+ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
diff --git a/h5bp/ssl/ssl_engine.conf b/h5bp/ssl/ssl_engine.conf
index a3af60b..0c16521 100644
--- a/h5bp/ssl/ssl_engine.conf
+++ b/h5bp/ssl/ssl_engine.conf
@@ -2,30 +2,42 @@
 # | SSL engine                                                         |
 # ----------------------------------------------------------------------
 
-# Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
-# The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
-# By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
-# Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
+# (1) Optimize SSL by caching session parameters for 10 minutes.
+#     This cuts down on the number of expensive SSL handshakes.
+#     By enabling a cache, we tell the client to re-use the already
+#     negotiated state.
+#     A 1Mb cache can hold about 4000 sessions, so we can hold 40000 sessions.
 #
-# A 1Mb cache can hold about 4000 sessions, so we can hold 40000 sessions
+# (2) Use a higher keepalive timeout to reduce the need for repeated handshakes
+#     (!) Shouldn't be done unless you serve primarily HTTPS.
+#     Default is 75s
+#
+# (3) SSL buffer size
+#     Set 1400 bytes to fit in one MTU
+#     https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
+#
+# (4) Disable session tickets
+#     Session tickets keys are not auto-rotated. Only a HUP / restart
+#     will do so and when a restart is performed the previous key is
+#     lost, which resets all previous sessions.
+#     Only enable session tickets if you setup a manual rotation mechanism.
+#     https://trac.nginx.org/nginx/changeset/1356a3b9692441e163b4e78be4e9f5a46c7479e9/nginx
+#     https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets
+#
+# (5) Basic security improvements
+
+# (1)
 ssl_session_cache shared:SSL:10m;
 ssl_session_timeout 24h;
 
-# SSL buffer size
-# 1400 bytes to fit in one MTU
+# (2)
+keepalive_timeout 300s;
+
+# (3)
 # ssl_buffer_size 1400;
 
-# Session tickets
-#
-# nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
-# when a restart is performed the previous key is lost, which resets all previous
-# sessions. The fix for this is to setup a manual rotation mechanism:
-# https://trac.nginx.org/nginx/changeset/1356a3b9692441e163b4e78be4e9f5a46c7479e9/nginx
-#
-# Note that you'll have to define and rotate the keys securely by yourself. In absence
-# of such infrastructure, consider turning off session tickets:
+# (4)
 ssl_session_tickets off;
 
-# Use a higher keepalive timeout to reduce the need for repeated handshakes
-# Default: 75s
-keepalive_timeout 300s;
+# (5)
+ssl_prefer_server_ciphers on;