« Apple enabled BEAST mitigations in OS X 10.9 Mavericks | Main | Bulletproof SSL and TLS available for early access and preorder »

SSL Labs: Stricter security requirements for 2014

January 21, 2014

Today, we're releasing a new version of SSL Rating Guide as well as a new version of SSL Test to go with it. Because the SSL/TLS and PKI ecosystem continues to move at a fast pace, we have to periodically evaluate our rating criteria to keep up.

We have made the following changes:

  • Support for TLS 1.2 is now required to get an A. If this protocol version is not supported, the grade is capped at B. Given that, according to SSL Pulse, TLS 1.2 is supported by only about 20% servers, we expect this change to affect a large number of assessments.
  • Keys below 2048 bits are now considered weak, with the grade capped at B.
  • Keys below 1024 bits are now considered insecure, and given an F.
  • MD5 certificate signatures are now considered insecure, and given an F.
  • We introduce two new grades, A+ and A-, to allow for finer grading. This change allows us to reduce the grade slightly, when we don't want to reduce it to a B, but we still want to show a difference. More interestingly, we can now reward exceptional configurations.
  • We also introduce a concept of warnings; a server with good configuration, but with one ore more warnings, is given a reduced grade A-.
  • Servers that do not support Forward Secrecy with our reference browsers are given a warning.
  • Servers that do not support secure renegotiation are given a warning.
  • Servers that use RC4 with TLS 1.1 or TLS 1.2 protocols are given a warning. This approach allows those who are still concerned about BEAST to use RC4 with TLS 1.0 and earlier protocols (supported by older clients), but we want them to use better ciphers with protocols that are not vulnerable to BEAST. Almost all modern clients now support TLS 1.2.
  • Servers with good configuration, no warnings, and good support for HTTP Strict Transport Security (long max-age is required), are given an A+.

I am very happy that our rating approach now takes into account some very important features, such as TLS 1.2, Forward Secrecy, and HSTS. Frankly, these changes have been overdue. We originally meant to have all of the above in a major update to the rating guide, but we ran out of time, and decided to implement many of the ideas in a patch release.

MY BOOK: If you like this blog post, you will love Bulletproof TLS and PKI. For system administrators, developers, and IT security professionals, this book provides a comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI and will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. It's available now.