finally, an A+ -- https://www.ssllabs.com/ssltest/analyze.html?d=arpnetworks.com&s=208.79.89.246
weeeeeeeeeeeeeeeeeee
up_the_irons: I think I would drop the 3DES suites?
also, portal doesn't have HSTS, and you use HSTS without includeSubDomains, which generally would be recommended to avoid cookie leaks, if possible
fIorz: thing is, I'm not too sure how to make modifications wrt HSTS (it's new to me)
https://cipherli.st
eg for nginx it's the add_header directive
(of course, you'll want to know what you're doing first, *especially* when it comes to setting includeSubDomains)
i think includesubdomains is bad idea myself
having hsts in chrome etc would be good though
Depends what the subdomains are/how much control you have over them.
When you set includeSubDomains, browsers visiting the website will pick that up and store that for future use. Any time a user tries "whatever.arpnetworks.com" their browser will automatically force https. If you have subdomains without https, they are now broken to those users.
brycec: and you can't go back ;)
mercutio: you can, but it's a beast.
oh i thought you had to wait for expiration time
In chrome anyways, you gotta dive into chrome://net-internals#hsts
so yeah you can't go back :)
and delete the domain from the browser's learned HSTS hosts
Effectively, yeah.
I think it's an alright idea, but you really gotta know what you're doing with it and whether it's safe to use it. Much like TNT.
brycec: do you know how reliable revoking is now?
You could add TLS to all subdomains...
mercutio: revoking what?
brycec: ssl cert
my understanding is that that doesn't work very well. but times may have changed
afaik nothing has changed, but more people are realizing it's easier to have short timeframe certificates instead
i'm too conservative to add includeSubDomains from the outset
up_the_irons: good man. Makes sense.
:)
yeah google really led the way on short certs
but i don't know of one big cert outfits doing it yet
s/one/any/
but i don't know of any big cert outfits doing it yet
Isn't Let's Encrypt doing short certs?
they're not "big"
Oh.
they're getting bigger
it's nowhere near the size of comodo etc
I saw a headline the other day suggesting LE may be one of the largest CAs now
https://www.eff.org/deeplinks/2016/10/lets-encrypt-largest-certificate-authority-web
It's hard to beat free.
biggest by revenue?
lolol
let's encrypt is used by 3% of top 10 million web sites
but a lot of low traffic sites
brycec: I think you can set a new HSTS policy on the primary domain to expire in one second or something to clear it, at least that's what I remember
But that requires the primary domain be accessible still
to unset includesubdomains
that doesn't solve the case where a browser that has seen the HSTS header tries to access whatever.domain.tld via TLS even though it's not available via TLS--until it makes a request to domain.tld to receive the short-lived HSTS header, it will insist on using TLS
which means you've got to keep TLS on at least as long as you had to before
in case someone doesn't see the 1 second header before you kill TLS
up_the_irons: sure, being careful certainly is a good idea as there is no easy way back, and you have to be sure that all your subdomains are indeed accessible via TLS before you enforce it, that's why I said "if possible"
up_the_irons: but without includeSubDomains, HSTS is actually rather ineffective (or at least you'd have to be very careful with all the web software you are running on that domain for it to be effective)
up_the_irons: and that is due to the way cookies work for historical reasons: your order form on https://arpnetworks.com/, for example, sets a cookie that is not limited to HTTPS
up_the_irons: now, if an eavesdropping attacker wants to learn that cookie despite your use of HSTS, all they need to do is to make the browser make a
request to some subdomain.arpnetworks.com that doesn't have HSTS set (or at least the browser doesn't know about it yet) via plain HTTP
up_the_irons: which is relatively easy to do, if they can get the victim to somehow visit some website under their control
up_the_irons: or, if the attacker can do MitM, they can simply hijack any plain HTTP request of the client to any site whatsoever and inject some code into the response that accesses that subdomain
up_the_irons: and as a MitM, they wouldn't even be limited to existing subdomains of arpnetworks.com, they could just fake a DNS response and HTTP server for randomgarbage.arpnetworks.com and inject an access to that
up_the_irons: the browser will then happily send that cookie in plaintext, which means the attacker can take over the session
up_the_irons: now, given that the whole point of HSTS kinda is to protect against MitMs (who could hijack the initial plain HTTP request of a user accessing your site that should ordinarily be redirected to the HTTPS version), it's not really all that useful if a MitM still can compromise your user's sessions
as for revocation of certificates: well, yeah, short-lived certs are one solution, but there is also OCSP must-staple, a certificate extension that tells the browser that the webserver must provide a valid stapled OCSP response or else the certificate is to be considered in valid
IIRC OCSP must-staple has landed in a recent firefox release version
erm, *invalid
damn fIorz is knowledgeable
fIorz knows everything *gg*
haha
up_the_irons: btw, there isn't really any reason to keep around any of the non-PFS cipher suites (except for the 3DES if you do actually care about support for win XP, which is a bad idea anyway whether it's PFS or not due to DES's short block size, see https://sweet32.info/)
ie6/xp is blocked already
yeah, but that couldn't even speak TLS 1.0, so it's beyond hopeless if you care about security
yeah there's no ssl3 at all
3DES still takes some effort to attack,
but if you don't really need it, it's probably better to avoid it
so dropping 3des drops ie8/xp
up_the_irons: thoughts?
yep
hasn't microsoft even dropped support for ie8 and xp
yeah they dropped xp.
it's mostly chinese that use it afaik
so it's mostly if you want chinese vps users that want to vpn
that's actually not too uncommon
at least that's from my understanding
yeh maybe price point
and even then, shouldn't a more recent firefox work on xp, which IIRC uses its own NSS on windows, so probably should know some better cipher suites than IE?
yeah that's why i said ie8/xp rather than xp
I guess my point is: even if someone is still using XP for whatever reason, how likely is it that someone who bothers to set up their own VPN would still be using the ancient IE that comes with it?
ie8 never came with xp did it?
erm, that might be true, I don't actually know
edge seems ok
but i was never a found of ie