diff options
author | April King <april@mozilla.com> | 2019-07-18 23:24:20 +0300 |
---|---|---|
committer | April King <april@mozilla.com> | 2019-07-18 23:24:20 +0300 |
commit | 1285bc8b3aac801a7a65a7070320d8aab88968e5 (patch) | |
tree | a910737f5d1ec0da0f6cbc2c8a70ba8493e9a4af /config | |
parent | a7aeeda435a858eae2d54a9d8b3b934934e1d1c6 (diff) |
Move around the Server Side TLS guidelines, publish them on ssl-config
Diffstat (limited to 'config')
-rw-r--r-- | config/server-side-tls/5.1.json | 150 |
1 files changed, 0 insertions, 150 deletions
diff --git a/config/server-side-tls/5.1.json b/config/server-side-tls/5.1.json deleted file mode 100644 index 1b0a77a..0000000 --- a/config/server-side-tls/5.1.json +++ /dev/null @@ -1,150 +0,0 @@ -{ - "href": "https://ssl-config.mozilla.org/config/server-side-tls/5.1.json", - "configurations": { - "modern": { - "ciphers": { - "openssl": [], - "iana": [] - }, - "ciphersuites": [ - "TLS_AES_128_GCM_SHA256", - "TLS_AES_256_GCM_SHA384", - "TLS_CHACHA20_POLY1305_SHA256" - ], - "tls_versions": ["TLSv1.3"], - "tls_curves": ["X25519", "prime256v1", "secp384r1"], - "certificate_types": ["ecdsa"], - "certificate_curves": ["prime256v1", "secp384r1"], - "certificate_signatures": ["ecdsa-with-SHA256", "ecdsa-with-SHA384", "ecdsa-with-SHA512"], - "rsa_key_size": 2048, - "dh_param_size": null, - "ecdh_param_size": 256, - "hsts_min_age": 63072000, - "oldest_clients": ["Firefox 63", "Android 10.0", "Chrome 70", "Edge 75", "Java 11", "OpenSSL 1.1.1", "Opera 57", "Safari 12.1"], - "ocsp_staple": true, - "server_preferred_order": false, - "maximum_certificate_lifespan": 90 - }, - "intermediate": { - "ciphers": { - "openssl": [ - "ECDHE-ECDSA-AES128-GCM-SHA256", - "ECDHE-RSA-AES128-GCM-SHA256", - "ECDHE-ECDSA-AES256-GCM-SHA384", - "ECDHE-RSA-AES256-GCM-SHA384", - "ECDHE-ECDSA-CHACHA20-POLY1305", - "ECDHE-RSA-CHACHA20-POLY1305", - "DHE-RSA-AES128-GCM-SHA256", - "DHE-RSA-AES256-GCM-SHA384" - ], - "iana": [ - "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" - ] - }, - "ciphersuites": [ - "TLS_AES_128_GCM_SHA256", - "TLS_AES_256_GCM_SHA384", - "TLS_CHACHA20_POLY1305_SHA256" - ], - "tls_versions": ["TLSv1.2", "TLSv1.3"], - "tls_curves": ["X25519", "secp256r1", "secp384r1"], - "certificate_types": ["ecdsa", "rsa"], - "certificate_curves": null, - "certificate_signatures": ["sha256WithRSAEncryption", "ecdsa-with-SHA256", "ecdsa-with-SHA384", "ecdsa-with-SHA512"], - "rsa_key_size": 2048, - "dh_param_size": 2048, - "ecdh_param_size": 256, - "hsts_min_age": 63072000, - "oldest_clients": ["Firefox 27", "Android 4.4.2", "Chrome 31", "Edge", "IE 11 on Windows 7", "Java 8u31", "OpenSSL 1.0.1", "Opera 20", "Safari 9"], - "ocsp_staple": true, - "server_preferred_order": false, - "maximum_certificate_lifespan": 730 - }, - "old": { - "ciphers": { - "openssl": [ - "ECDHE-ECDSA-AES128-GCM-SHA256", - "ECDHE-RSA-AES128-GCM-SHA256", - "ECDHE-ECDSA-AES256-GCM-SHA384", - "ECDHE-RSA-AES256-GCM-SHA384", - "ECDHE-ECDSA-CHACHA20-POLY1305", - "ECDHE-RSA-CHACHA20-POLY1305", - "DHE-RSA-AES128-GCM-SHA256", - "DHE-RSA-AES256-GCM-SHA384", - "DHE-RSA-CHACHA20-POLY1305", - "ECDHE-ECDSA-AES128-SHA256", - "ECDHE-RSA-AES128-SHA256", - "ECDHE-ECDSA-AES128-SHA", - "ECDHE-RSA-AES128-SHA", - "ECDHE-ECDSA-AES256-SHA384", - "ECDHE-RSA-AES256-SHA384", - "ECDHE-ECDSA-AES256-SHA", - "ECDHE-RSA-AES256-SHA", - "DHE-RSA-AES128-SHA256", - "DHE-RSA-AES256-SHA256", - "AES128-GCM-SHA256", - "AES256-GCM-SHA384", - "AES128-SHA256", - "AES256-SHA256", - "AES128-SHA", - "AES256-SHA", - "DES-CBC3-SHA" - ], - "iana": [ - "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - "TLS_RSA_WITH_AES_128_GCM_SHA256", - "TLS_RSA_WITH_AES_256_GCM_SHA384", - "TLS_RSA_WITH_AES_128_CBC_SHA256", - "TLS_RSA_WITH_AES_256_CBC_SHA256", - "TLS_RSA_WITH_AES_128_CBC_SHA", - "TLS_RSA_WITH_AES_256_CBC_SHA", - "TLS_RSA_WITH_3DES_EDE_CBC_SHA" - ] - }, - "ciphersuites": [ - "TLS_AES_128_GCM_SHA256", - "TLS_AES_256_GCM_SHA384", - "TLS_CHACHA20_POLY1305_SHA256" - ], - "tls_versions": ["TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"], - "tls_curves": ["X25519", "secp256r1", "secp384r1"], - "certificate_types": ["rsa"], - "certificate_curves": null, - "certificate_signatures": ["sha256WithRSAEncryption"], - "rsa_key_size": 2048, - "dh_param_size": 1024, - "ecdh_param_size": 256, - "hsts_min_age": 63072000, - "oldest_clients": ["Firefox 1", "Android 2.3", "Chrome 1", "Edge 12", "IE8 on Windows XP", "Java 6", "OpenSSL 0.9.8", "Opera 5", "Safari 1"], - "ocsp_staple": true, - "server_preferred_order": true, - "maximum_certificate_lifespan": 730 - } - }, - "version": 5.1 -} |