Forum

Hi Hugo,

The Let's Encrypt on Hiawatha is compliant with PCI DSS Requirements 4.1 with proper setup. However, it does not compliant with NIST guidelines Special Publication 800-52 Revision 1 - Section 3.

(1) The following ciphers are non-compliant with NIST guidelines and they should not be compiled with the certificate :
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

(2) The following ciphers are mandatory according to NIST guidelines :
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256

(3) OCSP stapling is not available at the moment.

(4) If the Let's Encrypt scripts can revoke certificate, it would be great.

Hi Hugo,

After making changes to src/tls.c with the following code, item (1) and (2) are solved. We need to solve item (3) and (4).

static int ciphersuites_tls10[] = {
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
        MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
        MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
        MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
        MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
//      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,  // remove for NIST compliant
        MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
//      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,  // remove for NIST compliant
        MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
//      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,      // remove for NIST compliant
        MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
//      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,      // remove for NIST compliant
        MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,          // new for NIST compliant
        0
};

static int ciphersuites_tls12[] = {
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
        MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
        MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
        MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
        MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
        MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
        MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
        MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
        MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,        // new for NIST compliant
        0
};

By the way, I use this site [www.htbridge.com] to test the Requirements and Guidelines. I also use this site [www.htbridge.com] to test the HTTP headers security.

Not following NIST rules doesn't mean you're insecure. What you can do is set MinTLSversion to 1.2.

Request 4 has been implemented. Redownload the package.

Thanks a lot.