Skip to content
This repository was archived by the owner on Apr 22, 2023. It is now read-only.

tls: more secure defaults#14194

Closed
jasnell wants to merge 1 commit intonodejs:masterfrom
jasnell:tls-update-cipher-suite
Closed

tls: more secure defaults#14194
jasnell wants to merge 1 commit intonodejs:masterfrom
jasnell:tls-update-cipher-suite

Conversation

@jasnell
Copy link
Copy Markdown
Member

@jasnell jasnell commented Mar 31, 2015

Port of io.js commit: nodejs/node@77f3586

Original commit message:

This updates the default cipher suite to an more secure list, which
prefers strong ciphers with Forward Secrecy. Additionally, it enables
honorCipherOrder by default.

Noteable effect of this change is that the insecure RC4 ciphers are
disabled and that Chrome negotiates a more secure ECDHE cipher.

Reviewed-By: Ben Noordhuis info@bnoordhuis.nl
Reviewed-By: Fedor Indutny fedor@indutny.com
PR-URL: nodejs/node#826

@jasnell
tls: more secure defaults
1b1fe53 
Port of io.js commit: nodejs/node@77f3586

Original commit message:

This updates the default cipher suite to an more secure list, which
prefers strong ciphers with Forward Secrecy. Additionally, it enables
`honorCipherOrder` by default.

Noteable effect of this change is that the insecure RC4 ciphers are
disabled and that Chrome negotiates a more secure ECDHE cipher.

Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: nodejs/node#826
@jasnell
Copy link
Copy Markdown
Member Author

jasnell commented Mar 31, 2015

Replaces #14192 with updated commit message

@jasnell jasnell self-assigned this Mar 31, 2015
@jasnell jasnell added this to the 0.13.1 milestone Mar 31, 2015
@misterdjules
Copy link
Copy Markdown

misterdjules commented Apr 7, 2015

Is it still relevant after #14383 has been created?

@jasnell
Copy link
Copy Markdown
Member Author

jasnell commented Apr 7, 2015

By itself, no. Just taking the updated defaults is not quite enough. The
updated PR incorporates this change plus the additional command line
switches.

On Tue, Apr 7, 2015 at 4:36 PM, Julien Gilli notifications@github.com
wrote:

Is it still relevant after #14383
#14383 has been created?


Reply to this email directly or view it on GitHub
#14194 (comment).

@misterdjules
Copy link
Copy Markdown

misterdjules commented Apr 7, 2015

OK 👍 Should we close this one then?

@jasnell
Copy link
Copy Markdown
Member Author

jasnell commented Apr 8, 2015

Yes. I'll do that shortly.
On Apr 7, 2015 4:58 PM, "Julien Gilli" notifications@github.com wrote:

OK [image: 👍] Should we close this one then?


Reply to this email directly or view it on GitHub
#14194 (comment).

@jasnell jasnell closed this Apr 8, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

@jasnell jasnell

Labels

master pr

Projects

None yet

Milestone

0.13.1

Development

Successfully merging this pull request may close these issues.

4 participants

@jasnell @misterdjules @tjfontaine @Nodejs-Jenkins