Update Cipher_Suites table to v5.x #296
Conversation
Adding back link removed during v4-v5 simplification & archiving.
|
The table is also being referenced from MDN e.g. https://developer.mozilla.org/en-US/docs/Web/Security/Transport_Layer_Security via the main wiki page, so the link should be there visible, somewhere. |
Agreed. Additionally, the color coding consistency in #297 is a desirable update. |
"all known cipher suites" might be better phrased as "IANA TLS Cipher Suites" Overall, the general tone of the changes looks good to me. I did not verify the manual changes, and will look at #292 to see about fixing the automation. |
|
The automation for --colorize (that reads the actual mediawiki, to alter the existing content, honoring grading and order) seems pretty broken, and the output mapping even for the basic scenarios including some gaps. At some point April mentioned the script served as the basis for the table in its inception, but was managed mostly manually ever since — not sure if the parsing can process the current content at all. The wording is taken mostly from an archived version; I'll look into improving that. |
| @@ -73,6 +73,8 @@ Mozilla maintains three recommended configurations for servers using TLS. Pick t | |||
| <p style="max-width: 60em;">The ordering of cipher suites in the <span style="color: gray; font-weight: bold;">Old</span> configuration is very important, as it determines the priority with which algorithms are selected.</p> | |||
|
|
|||
| <p style="max-width: 60em;">OpenSSL will ignore cipher suites it doesn't understand, so always use the full set of cipher suites below, in their recommended order. The use of the <span style="color: gray; font-weight: bold;">Old</span> configuration with modern versions of OpenSSL may require custom builds with support for deprecated ciphers.</p> | |||
|
|
|||
| <p style="max-width: 60em;">Different libraries support different cipher suites and refer to them by different names. Mozilla maintains a list of [[Security/Cipher Suites|all known cipher suites]] and their corresponding names.</p> | |||
There was a problem hiding this comment.
| <p style="max-width: 60em;">Different libraries support different cipher suites and refer to them by different names. Mozilla maintains a list of [[Security/Cipher Suites|all known cipher suites]] and their corresponding names.</p> | |
| <p style="max-width: 60em;">Different libraries support different cipher suites and refer to them by different names. Mozilla maintains a correspondence table of [[Security/Cipher Suites|cipher suites and their mapping]] to identifiers used by different libraries.</p> |
Fixes #247, #292, april/tls-table#4
Since the simplification after v4.0 and the archival of older more expansive docs aligned with v5.0 guidelines, the link to
Cipher_Suiteswas lost, and later the table became outdated, with the tool to help gather the cipher lists from source not able to automate the parsing anymore.Nonetheless the page is still linked from outside, and as a part of the recommendations should be kept up-to-date, even if it means manually for now.
There are two major signs the Cipher_Suites page should not be considered abandoned:
*/Archive/*and with no deprecation warning in the page intro, so there's no indication it should be interpreted as unmaintained.Cipher_Suites.mediawikipage is kept here in master meaning it should still be considered part of the current docs, and kept in sync with the guidelines.This PR makes the table useful again by:
<pre/>instead of<source/>…)This is how the render looks like: