802
edits
Changes
GC HTTPS Web Server Config (view source)
Revision as of 11:24, 30 September 2019
, 11:24, 30 September 2019no edit summary
! Full ITSP.40.111 Cipher Suites
! Full ITSP.40.111 Cipher Suites
! Modified ITSP 40.111 Cipher Suites
! Modified ITSP 40.111 Cipher Suites
! Target Cipher Suites (<span style="color:red;">NEW:</span> 05/31/19)
! Target Cipher Suites (Publication Pending)
|- style="vertical-align:top;"
|- style="vertical-align:top;"
|
|
|
|
Recommended and prioritized (TLS 1.3):
Recommended and prioritized (TLS 1.3):
* TLS_AES_256_GCM_SHA384 (5)
* TLS_AES_256_GCM_SHA384 (5)
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
<br /><br />
<br /><br />
=== Web Server Configuration Templates ===
For example templates of popular Web Server Configurations [[GC HTTPS Everywhere - Web Server Configurations|click here]]!
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
<br>
<references />