squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint
Squid has some additional options set like:
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE (and should have "SINGLE_ECDH_USE")
For the user it would be good to have the possibility to modify "NO_SSLv3" using the WebUI to make sure that squid is compatible even with old and insecure protocols. In general noone should use old protocols but it is the same with "untrusted" certificates. There is an option in the WebUI, too, to allow this - even this shouldn't be in a secure environment.
I understabnd SINGLE_DH_USE this way, that in egnerates a new key for every new connection. So in egneral a DH key only is valdi as long as the connection is. This shouldn't be longer than several hours or so.
From a security point of view DH key size with less than 2048bit is insecure. But this is only valid for DH keys which do not change. For DH keys which change for example with every connection (SINGLE_DH_USE) this should not be a security problem. But increasing the DH key from 1024 up to 2048 bit increases the performance impact by 5x-6x.
So there should be a valid discussion if there should be an option in the WebUI to configure 1024bit DH key and use SINGLE_DH_USE - which will be probably as sescure as or more secure than a static 2048bit DH key.
Allow the administrator to configure the allowed cipher-suites. Possibility could be tha there is a "recommended" profile which configures the cipher-suites like you did at the moment by default.
Then there could be a custom field where the user can enter the allowed ciphers like "!3DES:HIGH:!RC4" like he wants.
#1 Updated by Kill Bill over 4 years ago
Alexander Wilke wrote:
For the user it would be good to have the possibility to modify "NO_SSLv3" using the WebUI to make sure that squid is compatible even with old and insecure protocols.
Sigh. Feel free to use System Patches to make such absolutely horrible modifications. Introducing changes into the package that go absolutely the opposite way than everyone else goes (including things like openssl and the browsers) is simply insane.
#2 Updated by Kill Bill about 4 years ago
Added options matching the reverse proxy options (modern/intermediate cipher suites, DH key size options). Making things any more complicated just confuses users and serves no generally useful purpose really, IMNSHO.
If you need SSLv3, feel free to patch yourself (plus, that won't be even a viable option with later OpenSSL versions.)