Why a contemporary TLS configuration is important

  • Daniel Wolf
  • June 1, 2023

Table of content

    Why a contemporary TLS configuration is important

    Transport Layer Security (TLS), known under the predecessor, Secure Sockets Layer (SSL), is a cryptographic protocol designed to secure communications over computer networks. HTTPS is an extension of the Hypertext Transfer Protocol that uses TLS to encrypt the communication between the browser and web server. The TLS protocol provides confidentiality, integrity, and authenticity through cryptography.

    SSL has been around since the early 90s. Around 2010, the browser extension HTTPS Everywhere started the first initiative to make the use of HTTPS mandatory. The current versions of TLS were introduced in 2008 (TLS v1.2) and 2018 (TLS v1.3), respectively.

    Since 2020 all major browsers have started to offer an HTTPS only mode. Hence, HTTPS has become the de facto standard regarding data communication on the World Wide Web. 

    TLS is secure, but not secure by default 

    Since all major browsers operate in an HTTPS only mode nowadays, it is clear that the security of large parts of the Internet infrastructure relies on TLS. While TLS is easy to set up, it is difficult to set up securely. If TLS is set up incorrectly, various attacks on the protocol are possible.

    Using old protocols or ciphers may allow an attacker to decrypt the communication and steal or manipulate data. 

    A non-exhaustive list of weaknesses or misconfigurations in TLS 

    TLS 1.3., the latest version of the TLS protocol, has removed support for older, less secure cryptographic features. However, for backwards compatibility, it is recommended to still allow the use of TLS 1.2. When using TLS 1.2, there are configurations mistakes one should avoid, for example: 

    Avoiding those mistakes would require an expert understanding of cipher suites and TLS server configurations. Sticking to default configurations of popular web servers like Apache, NGINX or IIS would lead to insecure TLS settings and put your data and communication at risk of being stolen or manipulated. 

    The OWASP Foundation provides an overview of common misconfigurations and weaknesses; Cryptographic Failures are in section 2 of the OWASP Top 10. Taking a look at A02:2021 – Cryptographic Failures one can find more example attack scenarios, but also further links to OWASP Cheat Sheet for securely setting up TLS and HSTS headers. 

    Understanding “enough” about cipher suites to make TLS secure 

    In 2009 Qualys, a company specializing in security and compliance started an online service that enables you to inspect the configuration of any public SSL web server. The service will issue grades from A+ to F for a web server‘s TLS configuration and provide guidance for improving your TLS configuration to make it more secure. 

    How to get an A grade in Qualys SSL Server Test with my Link11 instance 

    Our engineers have tested combinations of cipher suites and configurations to get you an A or even an A+ grade in the Qualys SSL Server Test. The good news is – even with our default configuration, you will get an A rating in the Qualys SSL Server Test. 

    To get an even better A+ rating, you must configure HSTS for your instance. The protection only applies after a user has visited the site at least once, relying on the “trust on first use” principle. Web browsers like Google Chrome, Mozilla Firefox and Internet Explorer/Microsoft Edge address this limitation by implementing an “HSTS preloaded list”, which is a list that contains known sites supporting HSTS.

    This list is distributed with the browser, so it also uses HTTPS for the initial request to the listed sites. Since HSTS cannot be configured in our WebGUI, HSTS Headers must be set on your origin servers. 

    With our default configuration and (optional) HSTS headers, you can be assured that your data and communication are transmitted with strong encryption and protected from being stolen or manipulated. 

    Why you should still use TLS 1.2 

    It is best practice to use minimum TLS 1.2 and to offer TLS 1.3 additionally. All modern browsers support TLS 1.3 – so you might wonder why not only enable TLS 1.3 on your instance. Depending on your application, you might have legacy clients (mobile apps, headless applications or industrial control units) that cannot be updated and still require TLS 1.2. If you configure your instance to offer TLS 1.3 and TLS 1.2, the browser that supports the newer protocol will use this one, and those that don’t will fall back to TLS v1.2. 

    The parallel operation of TLS 1.3 and secure TLS 1.2 ciphers and the optional use of HSTS headers represents the ideal mix of security and compatibility at this point to ensure the integrity and secrecy of web application communications. 

     

    DDoS Infographic: Freaky Monday
    WAN Summit – 13.03.2023 Frankfurt
    X