Security/Server Side TLS: Difference between revisions

no edit summary
Line 1: Line 1:
The goal of this document is to help operational teams with the configuration of TLS on servers. All Mozilla sites and deployment should follow the recommendations below.
The Operations Security (OpSec) team maintains this document as a reference guide to navigate the TLS landscape. It contains information on TLS protocols, known issues and vulnerabilities, configuration examples and testing tools. Changes are reviewed and merged by the OpSec team, and broadcasted to the various Operational teams.
<table><tr>
<table><tr>
<td><div style="float:left;" class="toclimit-3">__TOC__</div></td>
<td><div style="float:left;" class="toclimit-3">__TOC__</div></td>
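Review bot: the sentence "All Mozilla sites and deployment should follow the recommendations below." in the first paragraph of this hunk also appears in the next hunk, in the paragraph beginning "This document provides guidelines". Check that only one of the two introductions survives in the resulting revision; otherwise the page states its scope twice with inconsistent protocol naming ("TLS" here, "SSL/TLS" there). While editing it, "deployment" should be "deployments" and "broadcasted" should be "broadcast".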
Line 17: Line 21:
</td>
</td>
</tr></table>
</tr></table>
This document provides guidelines for the configuration of SSL/TLS on servers. All Mozilla sites and deployment should follow the recommendations below.
While SSL/TLS provides strong security, default settings must generally be avoided. In addition to known vulnerabilities in SSLv2, Beast and so on, some ciphersuites simply do not provide any security and use NULL ciphers or non-authenticated key exchanges.


= Recommended Ciphersuite =
= Recommended Ciphersuite =
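Review bot: in the paragraph beginning "While SSL/TLS provides strong security", the phrase "known vulnerabilities in SSLv2, Beast and so on" leaves the reader to guess which issues the guideline covers. Suggest naming the issues explicitly or pointing to the part of the document that covers known issues and vulnerabilities, writing "BEAST" in capitals, and replacing "default settings must generally be avoided" with a statement of which defaults are the problem (the same paragraph already names NULL ciphers and non-authenticated key exchanges, so those can be tied to it directly).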