From eeeebd0da6b3a0df71041078ab835d1ce00d58a2 Mon Sep 17 00:00:00 2001 From: Ewout van Mansom Date: Sun, 2 Dec 2018 18:40:25 +0100 Subject: [PATCH] Add new TLS policy 'future' (#211) This new TLS policy embraces the best security practices and performance characteristics by sacrificing compatibility with older clients. --- h5bp/ssl/policy_future.conf | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 h5bp/ssl/policy_future.conf diff --git a/h5bp/ssl/policy_future.conf b/h5bp/ssl/policy_future.conf new file mode 100644 index 0000000..60799fb --- /dev/null +++ b/h5bp/ssl/policy_future.conf @@ -0,0 +1,45 @@ +# ---------------------------------------------------------------------- +# | SSL policy - Future | +# ---------------------------------------------------------------------- + +# For services that want to be on the bleeding edge, the parameters +# below sacrifice compatibility for the highest level of security & performance +# +# (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1 +# to be installed. +# +# (!) Don't enable `ssl_early_data` blindly! Requests sent within early data are +# subject to replay attacks. +# +# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known to be weak +# and potentially vulnerable. +# +# Add them back to the parameter `ssl_ecdh_curve` below to support +# Microsoft Edge and Safari. +# +# https://safecurves.cr.yp.to/ +# +# (2) Enables TLS 1.3 0-RTT, allows for faster resumption of TLS sessions. +# +# (!) Requests sent within early data are subject to replay attacks. +# To protect against such attacks at the application layer, the +# $ssl_early_data variable should be used: +# proxy_set_header Early-Data $ssl_early_data; +# +# The application should return response code 425 for anything that +# could contain user supplied data. +# +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/425 +# +# https://github.com/certbot/certbot/issues/6367 +# https://github.com/mozilla/server-side-tls/issues/217 +# https://nginx.org/en/docs/http/ngx_http_ssl_module.html + +ssl_protocols TLSv1.2 TLSv1.3; +ssl_ciphers EECDH+CHACHA20:EECDH+AES; + +# (1) +ssl_ecdh_curve X25519; + +# (2) +#ssl_early_data on;