"They've" been at it from the beginning, so it somehow seems understandable that Mozilla has a lot of "SSL" momentum or carryover.
at the time it made sense to us because you couldnt have good SSL configuration everywhere (it was not well supported) so we had trade-offs and created tiers of configs. We barely had TLS coming out, so SSL eas still the name of the game.
nowaday just use the latest TLS defaults and you're golden.
"Somehow" is doing a lot work in that sentence.
Operationally, there's no difference between the security procedures and requirements that a for-profit or a non-profit CA must adhere to.
[1]: https://sslmate.com/resources/certificate_authority_failures
While I don't get the cynicism in this case, you would agree supporting a secure web is in the public interest, right?
There is a sea of difference between something like Google/Facebook/TikTok and Let’s Encrypt/the Linux Foundation/FSF/etc. I can only assume you can’t see that difference if you have spent no time reading about these things, but I would encourage you to. This stuff is important especially if you get to make security decisions for any kind of product.
I think this concern is reflects a misunderstanding of how the security of the WebPKI works. Specifically, any CA can issue certificates for your domain whether you are their customer or not. What that means is that if CA #1 is compromised but you choose CA #2, CA #1 can still be used to attack connections to your domain.
The situation is slightly worse if the CA you actually use is compromised because the main defense we have against misissuance is Certificate Transparency, and it's easier to detect that a certificate was issued by a CA you don't use than that too many certificates were issued by a CA you do use, but it's just slightly easier.
The bottom line here is that if you are worried about some group of CAs being compromised, then using a different CA doesn't help you much.
Of course the (more secure?) alternative would be to generate self-signed certs, but for customer-facing sites that's a big UX problem.
Well, you can choose to do whatever you want, but given that you're posting to a public forum, it would be helpful if you actually explained your reasoning.
> Of course the (more secure?) alternative would be to generate self-signed certs, but for customer-facing sites that's a big UX problem.
It's not just a big UX problem, it's a big security problem, because the customers have no way of knowing if your certificate is actually valid.
It's exceedingly clear that's not going to happen, and I think we all know why. Good reminder to anyone that anyone can just post here. Including people that logic-lessly think that paying a shitty third party that probably has a bad track record is somehow better than using LE. Like, this isn't a serious conversation?
What does this mean in practice? Do you remove the free providers from your OS & browser trust stores? Does this mean you get warnings every time you visit a site that uses LetsEncrypt (and other free providers)?
So, 1-year certs and renew 60 days out, send out new fingerprint and at 30 days, we would occasionally swap it in and out as brownout with replacement at 15 days.
We have already indicated when it drops to 100 days, we will swap to automation and no longer communicate when changes will occur. Account Managers are already getting push back from customers. It's possible we will continue using Digicert because they seem to promise that Intermediate certs won't rotate unlike Let's Encrypt which rotates them more frequently which is better security practice. So Enterprise customers will cert pin to Intermediate instead.
The name was changed from SSL to TLS as part of the adoption in IETF. I imagine different people had different motivations, but in part it was a signal that it was going to be controlled by IETF rather than Netscape.
As far as compatibility goes, TLS is backward compatible with SSLv3 [0] in that the client can send a ClientHello that is acceptable to both SSLv3 and TLS servers and the server can select the version to use.
Re: the version number, we're now on TLS 1.3, so I guess that would be SSLv7.
[0] The situation is more complicated with SSLv2, which had a different ClientHello format.
I think xerox still exits but darn if I haven’t seen one in ages.
Xerox -> Fuji-Xerox -> FUJIFILM Business Innovation
When doing this, you see that some people feel that you are being pedantic.
And the biggest issue is that it creates confusion. During calls with customers, when I tell that we're going to setup their TLS certs, they reply, worried: "no, we need SSL certs!".
I see it as another chicken & egg situation: regular people don't know about TLS, and business are afraid of communicating about TLS because they don't want their customer going elsewhere because they don't understand what TLS is and want SSL
I went on Cloudflare to try and illustrate this, and it's... complicated https://www.cloudflare.com/application-services/products/ssl...
The path says SSL but most of the page it about TLS, unless sometimes it's SSL...
It became a generic name that everyone knew for encrypted HTTP connections. It still is a generic name for that, even though the underlying protocol changed name to TLS.
[1] - https://securityheaders.com/
Not to mention, when i looked at the hall of fame entries, most had a CSP header, but it was a useless CSP header that was meaningless. It doesn't seem to distinguish between having the header and actually using it correctly.
Nice to read that you are reasonable.
Also, they want a strict CSP while serving 10 different ad networks :)
And the 20s is extra annoying because it's completely unnecessary. The tool is so slow because it's thousands of lines of pure bash, manipulating individual bytes. And because it's bash, it also breaks in confusing ways when you look at it wrong[1].
Perhaps it is too niche of a thing. Sadly. It really is quite useful in some situations.
> The Mozilla SSL Configuration Generator is great, and it should not exist.
I'm fairly certain that when that generator was made (or article written), OpenSSL and similar already had ciphersuite presets one could use. So it is a bit odd that the generator is not enhancing those.
As an example, in the case of OpenSSL you can combine presets such as "HIGH" with your additional preferences. Such as avoiding non-PFS key exchanges, DoS risks, SHA1 phase out or less frequently used block ciphers. Result being something like "HIGH:!kRSA:!kEDH:!SHA1:!CAMELLIA:!ARIA". Optionally one can also bump up global "SECLEVEL" in OpenSSL's configuration.
Such a combination helps avoid issues like accidentally crippling operations when an ECC key(/cert) is used and someone forgot to allow ECDHE+ECDSA in addition to ECDHE+RSA. Nor does it accidentally disable strong ciphersuites using ChaCha20 that aren't as old.
Same goes for key exchange configuration. Quite a few servers don't have EdDSA available that don't run Windows, I suspect it's because they were set at some point and forgotten. Now such configuration also disables post-quantum hybrid key exchange algorithms.
> all the ciphers in Modern and Intermediate are secure. As such, we let the client choose the most performant cipher suite for their hardware configuration.
https://github.com/mozilla/server-side-tls/issues/260#issuec...
The choice between ChaCha20 and AES can be left to the clients with the "PrioritizeChaCha" option. On both OpenSSL and BoringSSL, likely similar options are available with other libraries as well. Anything else such as not enforcing any preference is unnecessary.
Needing to cha-cha your salsas, 128 to the 256 to the 1305...picking SSL ciphers is the biggest cargo-cult thing ever. I have no clue what I am doing.
https://wiki.mozilla.org/Security/Server_Side_TLS
Such useful resources.
quesera•2mo ago
It's a great idea. I've created (or copied) at least half of these output formats, a few of which I remember being annoyingly difficult to surface from the project docs.
But in the moment today, it's mostly interesting to see the different ways of saying the same things in various configuration languages. And thinking that this might be why so many people with different brains find the technology world so obtuse and off-putting.
The joke's on them, of course. We like it this way! (Never wrestle with a pig...)