Changes

no edit summary
Line 25: Line 25:  
<br><br>
 
<br><br>
 
'''Note:''' when redirecting to Canada.ca, or another major GC platform you may not/do not have control over, the configuration of the eventual domain is not your responsibility, nor will the results for that domain be reflected in your domain results.  Each domain must be configured appropriately to reach full compliance.
 
'''Note:''' when redirecting to Canada.ca, or another major GC platform you may not/do not have control over, the configuration of the eventual domain is not your responsibility, nor will the results for that domain be reflected in your domain results.  Each domain must be configured appropriately to reach full compliance.
 +
<br><br>
 +
Additional References:
 +
# [https://www.htaccessredirect.net .htaccess Generator]
 +
# [https://github.com/cisagov/pshtt#domain-and-redirect-info CISAGOV-pshtt (Github)] - fully explains redirects, defaults vs. enforces HTTPS measurement by domain-scan
 
<br>
 
<br>
 +
 
==TLS Cipher Suite Support==
 
==TLS Cipher Suite Support==
 
Departments should make use of CSE-approved cryptographic algorithms, as outlined in:
 
Departments should make use of CSE-approved cryptographic algorithms, as outlined in:
Line 50: Line 55:  
For details on the TLS handshake, see [https://tls.ulfheim.net/ The Illustrated TLS Connection].
 
For details on the TLS handshake, see [https://tls.ulfheim.net/ The Illustrated TLS Connection].
 
<br><br>
 
<br><br>
In the following table, the first column lists all ciphers which satisfy the cryptographic guidance provided in ITSP.40.111.  It is recommended that servers be configured to exclusively support the cipher suites listed in the second column, preferring them in the listed order:
+
In the following table, the first column lists all ciphers as found in cryptographic guidance provided in ITSP.40.111.  Departments are recommended to consider configurations that exclusively support the cipher suites listed in the second column, while preparing for CCCS updates to guidance for use of modern cipher suites of the third column (eliminating known vulnerable ciphers, and introducing approved TLS 1.3 cipher suites), preferring them in the listed order:
 
{| class="wikitable" border="1"  
 
{| class="wikitable" border="1"  
 
|-
 
|-
 
! Full ITSP.40.111 Cipher Suites
 
! Full ITSP.40.111 Cipher Suites
 
! Modified ITSP 40.111 Cipher Suites
 
! Modified ITSP 40.111 Cipher Suites
! Target Cipher Suites (06/01/19)
+
! Target Cipher Suites (Publication Pending)
 
|- style="vertical-align:top;"
 
|- style="vertical-align:top;"
 
|  
 
|  
Line 142: Line 147:  
* TLS_AES_128_CCM_SHA256 (5)
 
* TLS_AES_128_CCM_SHA256 (5)
 
* TLS_AES_128_CCM_8_SHA256 (5)
 
* TLS_AES_128_CCM_8_SHA256 (5)
 +
 
|
 
|
 
+
Recommended and prioritized (TLS 1.3):
 
* TLS_AES_256_GCM_SHA384 (5)
 
* TLS_AES_256_GCM_SHA384 (5)
 
* TLS_AES_128_GCM_SHA256 (5)
 
* TLS_AES_128_GCM_SHA256 (5)
 
* TLS_AES_128_CCM_SHA256 (5)
 
* TLS_AES_128_CCM_SHA256 (5)
* TLS_AES_128_CCM_8_SHA256 (5)
+
 
 +
Recommended and prioritized (TLS 1.2):
 
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 
* TLS_ECDHE_ECDSA_WITH_AES_256_CCM
 
* TLS_ECDHE_ECDSA_WITH_AES_256_CCM
Line 154: Line 161:  
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+
 
* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
+
Sufficient (Exception Use Only) and prioritized (TLS 1.2):
* TLS_DHE_RSA_WITH_AES_256_CCM
+
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (6)
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+
* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (6)
* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
+
* TLS_DHE_RSA_WITH_AES_256_CCM (6)
* TLS_DHE_RSA_WITH_AES_128_CCM
+
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (6)
 +
* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (6)
 +
* TLS_DHE_RSA_WITH_AES_128_CCM (6)
 +
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
 +
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 +
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 +
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 +
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (6)
 +
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (6)
    
|}
 
|}
Line 169: Line 184:  
* (3) While presently included in CSE guidance, the use of 3DES is not recommended in the context of HTTPS.
 
* (3) While presently included in CSE guidance, the use of 3DES is not recommended in the context of HTTPS.
 
* (4) Mandatory cipher suite for TLS 1.2 as specified in [https://tools.ietf.org/html/rfc5246#page-65 RFC 5246]
 
* (4) Mandatory cipher suite for TLS 1.2 as specified in [https://tools.ietf.org/html/rfc5246#page-65 RFC 5246]
* (5) Approved TLS 1.3 cipher suite, as specified in [https://tools.ietf.org/html/rfc8446 RFC 8446]. Note: The use of TLS_CHACHA20_POLY1305_SHA256 is not approved for use in the GC at this time.
+
* (5) Approved TLS 1.3 cipher suite, as specified in [https://tools.ietf.org/html/rfc8446 RFC 8446]. Note: The use of TLS_CHACHA20_POLY1305_SHA256 is not approved for use in the GC at this time. TLS_AES_128_CCM_8_SHA256 has been removed from the target cipher suites list as is no longer recommended for TLS 1.3.
 +
* (6) All Diffie-Hellman (DH/DHE) cipher suites must adhere to CSE guidance to use a minimum 2048-bit key.
 
<br>
 
<br>
   Line 268: Line 284:  
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
 
For a complete list of major differences, see the [https://tools.ietf.org/html/draft-ietf-tls-tls13-28 Transport Layer Security (TLS) Protocol Version 1.3 specification], section 1.3.
 
<br /><br />
 
<br /><br />
 +
 +
=== Web Server Configuration Templates ===
 +
For example templates of popular Web Server Configurations [[GC HTTPS Everywhere - Web Server Configurations|click here]]!
 +
      Line 293: Line 313:  
* [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Mozilla Security/Server Side TLS]
 
* [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Mozilla Security/Server Side TLS]
 
* [https://infosec.mozilla.org/guidelines/web_security Mozilla web security general reference]
 
* [https://infosec.mozilla.org/guidelines/web_security Mozilla web security general reference]
 +
* [https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls Transport Layer Security (TLS) best practices with the .NET Framework]
    
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
 
In Mozilla’s advice on Server Side TLS, several TLS configurations are described (‘Modern’, ‘Intermediate’, and ‘Old’) that refer to some of the 'best' security settings possible, depending on the versions of the browsers that need to be supported. Supporting the ‘Old’ profile is risky and should be avoided, as it would mean supporting the insecure SSL protocol.
   −
<br>
+
 
 +
<references />