[Twisted-Python] Specifying ciphers in ssl.optionsForClientTLS
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
Hi, I need to loosen up the default cipher list to allow RC4 (some sites our customers use like myaccounts.socalgas.com still use it). I was going to pass the following dict into the extraCertificateOptions argument of ssl.optionsForClientTLS, but was curious if there as a better way: {"acceptableCiphers" : <IAcceptableCiphers object>} -J
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API. In this case, no, there's no other way to get acceptable ciphers in there, and this should probably just be added to optionsForClientTLS. Another reasonable fix might be to allow RC4, since I think the default cipher suites that we have selected might be more appropriate for servers than for clients; the major browsers will still negotiate RC4 so we might want a slightly more permissive list. Hopefully someone more cryptographically enlightened than I am can opine as to whether this is a reasonable thing to do in 2015... -g
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
Some browsers won’t — Firefox refuses to use RC4 :)
I saw that on Firefox's wiki, but in reality Firefox 35 still does allow RC4: http://www.screencast.com/t/AuMRylAV -J
![](https://secure.gravatar.com/avatar/869963bdf99b541c9f0bbfb04b0320f1.jpg?s=120&d=mm&r=g)
On 17 February 2015 at 04:19, Jason J. W. Williams <jasonjwwilliams@gmail.com> wrote:
IIUC, Firefox 36 will only allow RC4 as a fallback (but not disable it completely), and I think there is talk about disabling RC4 completely for TLS 1.1/1.2. -- mithrandi, i Ainil en-Balandor, a faer Ambar
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API.
Will do. Saw that note but wanted to make sure I wasn't missing a better approach before filing a bug.
In this case, no, there's no other way to get acceptable ciphers in there, and this should probably just be added to optionsForClientTLS.
Another reasonable fix might be to allow RC4, since I think the default cipher suites that we have selected might be more appropriate for servers than for clients; the major browsers will still negotiate RC4 so we might want a slightly more permissive list. Hopefully someone more cryptographically enlightened than I am can opine as to whether this is a reasonable thing to do in 2015...
I'd advocate for adding the acceptableCiphers argument to optionsForClientTLS over loosening the default cipher list. I think having a secure default and making loosening that default an explicit action is a good behavior. That way a less secure cipher list is always an active choice. -J
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API.
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
On Feb 16, 2015, at 10:14 PM, Hynek Schlawack <hs@ox.cx <mailto:hs@ox.cx>> wrote:
I’m still maintaining that watering down the defaults is an invitation to downgrade attacks that affect *everyone*. And RC4 looks worse with every month passing.
OK. This is precisely why I didn't want to make this call myself :). -g
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API. In this case, no, there's no other way to get acceptable ciphers in there, and this should probably just be added to optionsForClientTLS. Another reasonable fix might be to allow RC4, since I think the default cipher suites that we have selected might be more appropriate for servers than for clients; the major browsers will still negotiate RC4 so we might want a slightly more permissive list. Hopefully someone more cryptographically enlightened than I am can opine as to whether this is a reasonable thing to do in 2015... -g
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
Some browsers won’t — Firefox refuses to use RC4 :)
I saw that on Firefox's wiki, but in reality Firefox 35 still does allow RC4: http://www.screencast.com/t/AuMRylAV -J
![](https://secure.gravatar.com/avatar/869963bdf99b541c9f0bbfb04b0320f1.jpg?s=120&d=mm&r=g)
On 17 February 2015 at 04:19, Jason J. W. Williams <jasonjwwilliams@gmail.com> wrote:
IIUC, Firefox 36 will only allow RC4 as a fallback (but not disable it completely), and I think there is talk about disabling RC4 completely for TLS 1.1/1.2. -- mithrandi, i Ainil en-Balandor, a faer Ambar
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API.
Will do. Saw that note but wanted to make sure I wasn't missing a better approach before filing a bug.
In this case, no, there's no other way to get acceptable ciphers in there, and this should probably just be added to optionsForClientTLS.
Another reasonable fix might be to allow RC4, since I think the default cipher suites that we have selected might be more appropriate for servers than for clients; the major browsers will still negotiate RC4 so we might want a slightly more permissive list. Hopefully someone more cryptographically enlightened than I am can opine as to whether this is a reasonable thing to do in 2015...
I'd advocate for adding the acceptableCiphers argument to optionsForClientTLS over loosening the default cipher list. I think having a secure default and making loosening that default an explicit action is a good behavior. That way a less secure cipher list is always an active choice. -J
![](https://secure.gravatar.com/avatar/b5edb1094c1aa4e8a09ee0640a57f463.jpg?s=120&d=mm&r=g)
As the documentation for extraCertificateOptions says, if you need to use it it's a bug in the interface. As such, please file it :-). This escape-hatch was presented specifically so we could discover which features of that interface were really necessary customizations and which were just unfortunate compromises with OpenSSL's API.
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
On Feb 16, 2015, at 10:14 PM, Hynek Schlawack <hs@ox.cx <mailto:hs@ox.cx>> wrote:
I’m still maintaining that watering down the defaults is an invitation to downgrade attacks that affect *everyone*. And RC4 looks worse with every month passing.
OK. This is precisely why I didn't want to make this call myself :). -g
participants (5)
-
Glyph Lefkowitz
-
HawkOwl
-
Hynek Schlawack
-
Jason J. W. Williams
-
Tristan Seligmann