Home

「SSL/TLS暗号設定ガイドライン」(v1.1)

1. 2 2 2
2. F 7 1 5
3. 9 NIST SP800 52 revision 1 draft Guidelines for the Selection Configuration and Use of Transport Layer Security TLS Implementations ENISA Algorithms Key Sizes and Parameters Report 2013 recommendations SSL TLS 34 6 3 1 Perfect Forward Secrecy
4. SSL TLS OpenSSL Netcraft Heartbleed 1 43
5. SSL TLS 7 1 7 1 1 OpenSSL
6. gt 54 CA SSL TLS 23 e 2015 45 Subject Public Key Info
7. TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 9 O O x x E 9 O x x ES x x O O X SSL TLS 19 e SSL2 0 TLS1 1 TLS1 2 e
8. SSL TLS 2015 5 H lt gt
9. 2 IPsec VPN IPsec VPN SSL VPN SSL TLS 60 P SSL TLS TP SSL TLS VPN S o NEP
10. NN 6 2 6 4 uu E 6 5 1
11. 14 A ES 6 6 5 2 WAR E G TLS_RSA_WITH_RC4_128_SHA 0x00 0x05 H TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x00 0x16 TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x00 0x0A RFC DHE 1024 RSA 2048 DHE DHE A G 13
12. SSL TLS lt gt G2G 2015
13. SSL TLS 2 3 1 5 2 5 1 5 2 201 5 SHA 256
14. e Internet Explorer Internet Explorer e e 8 2 2 PC Web Apple Safari Google Chrome e Web Android Mobile Safari 105 SSL TLS 55
15. gt gt 54 CA T SSL TLS 25 5 2 7 Issuer Certificate Signature Algorithm CE 4i 7 7v 3Y ERO EAE Certificate Signature Value SSL TLS Subject
16. Public Key Pinning Certificate Pinning PKI Public Key Pinning SPKI Subject Public Key Info 2014 9 Public Key Pinning e gt HTTP e gt Google Chrome 13 gt Mozilla Firefox 32 34 Android gt Internet Explorer EMET E EMET 40
17. OpenSSL Heartbleed Bug Dual EC DRGB SSL TLS
18. e 4 7 SSL TLS 46 H 7 1 6 CA
19. Microsoft Internet Explorer Internet Explorer gt ce TInternet Explorer http msdn microsoft com ja jp ie cc844005 aspx gt
20. TU le 7 1 2 CA CA
21. 15 3 Web BEV 20155 OV EV
22. RFC5746 7 2 3 SSL TLS
23. 3 1f 1 TLS1 0 SSL3 0 ii Q 2 n H EZ ERTERIUTREUUTSAACUUSSESCESEEWUM Topozu ast Zua 1 Io f Lc RSA SHA 256 2048 RSA SHA 1 2048 2 Sub ject Public Key Info Sub ject Public Key Algorithm I Gu 5 E EPERERA EA SSL TLS 68 y va c d 7 y A 2 2 D i 4
24. Web OV DV EV Bxtended Validation 3 OV d 5E 1 OV EV i E CA Browser Forum
25. Perfect Forward Secrecy Forward secrecy Perfect Forward Secrecy PES SSL TLS Perfect Forward Secrecy Ephemeral DH Ephemeral ECDH DHE ECDHE 6 3 2 5 4 8 4096 C ho RSA CRYPTREC
26. SSL TLS C SSL TLS WEI
27. OCSP OCSP TP OCSP REC 6066 Transport Layer Security TLS Extension Extension Definition 8 Certificate Status Request TLS OCSP OCSP SSL TLS 2 EE Web OCSP OCSP Web e OCSP OCSP OCSP Web
28. SHA 1 SHA 256 SHA 1 SHA 256 7 1 4
29. k lt gt m 5 J eee al 1 1 TLS1 2 ue E v 0 2 2 TLSI 1 E SHA 2560 eu Fri y AE RETE BRE HRS Arr iuda a tra 15 10 iurati scien doth 2 cC GE EU E p v EE y br ii 5 1 ii 6 BCDHE 256
30. HTTP y 2 1 TLS 3 TLS x 4 TLS TLS GET access of attacker X Ignore eb TEC iati 6 Renegotiation penegonaon ED TLS s 7 2 TLS 3
31. OS PC 2015 5 H PC 8 1 2 PC SSL TLS 15 OS
32. 1 2048 RSA 2033 SSL TLS 35 2 2 2 3 2048 ius 3 ak PONZ E NIST SP800 57 2030 CRYPTREC ECDH ECDHE 256 2048 2048 2030 I 2015 RSA zu oc E
33. 2 3 H 45 LE SSL TLS 2 3 1
34. 13 NIST SP800 57 Recommendation for Key Management Part 1 General Revision 3 SSL TLS 11 d 3 NIST SP800 57 WG SSL 2030 2031 80 RSA 1024 DH 1024 ECDH 160 ECDSA 160 SHA 1 112 3 key Triple DES RSA 2048 DH 2048 ECDH 224 ECDSA 224 128 AES 128 Camellia 128 ECDH 256 ECDSA 256 SHA 256 128 RSA 4096 192 DH 4096 HMAC SHA 1 192 ECDH 384 ECDSA 384 SHA 384 256 AES 256 Camellia 256 ECDH 521 ECDSA 521 HMAC SHA256 256 HMAC SHA384 SSL TLS 12 PART I SSL TLS
35. 755 E GCM CCM X 2 SSL TLS 1 SSL TLS IETF TLS1 3 SSL TLS CBC Ciphertext Block Chaining BEAST Browser Exploit Against SSL TLS MAC Message Authentication Code GCM Galois Counter Mode CCM Counter with CBC MAC http www cryptrec go jp report c13 kentou giji02 r2 pdf SSL TLS 7 SUR CRYPTREC X 2 SSL TLS SSL2 0 1994 e E SSL2 0
36. OpenSSL Apache 2 4 7 lighttpd 1 4 29 nginx Java 8 Appendix B 3 E 2048 ZU Bx XE Apache 2 4 6 Java7 2048 ox 2048 Java 7 DHE 64 512 1024 1024 100 00 90 00 80 00 70 00 60 00 50 00 40 0096 30 0096 20 0096 5 4096 512bits 10 00 6 0 1626 0 0996 0 0096 768bits 100 0096 90 0096 80 0096 70 0096 60 0096 50 00 40 00 30 00 20 00 0 01 0 00 10 00 0 00 P 224 DHE 87 49 5 9996 1024bits 2048bits 3072bits 4096bits 8192bits ECDHE 98 08
37. 5 http www cryptrec go jp report c13 eval web final pdf i http www nisc go jp active general pdf angou ikoushishin pdf H p SSL TLS H j ki SUC 25 EIC BETEO CSR 237 09 2014 4 H OpenSSL Heartbleed TLS1 2 Heartbeat OpenSSL OpenSSL Heartbeat DE Me NDS um OpenSSL SSL TLS H
38. 8 3 Renegotiation l 10 1 9 BUE are iid ES a3 11 1 10 HTTP 12 GET access of user Cookie XXXXXX witter API mory GET access of attacker 7 3 X Ignore GET access of user Cookie XXXXXX
39. SSL3 0 SSL TLS 14 4 SSL TLS lt gt G2G
40. Tk RA 0 np ilie gt gt 3 4 2 CA T SSL TLS 24 2015 H SHA 256
41. 5 10 1 5o 7 so 5 SSL TLS 49 11 12 Kia e e 1
42. ptu RUE E E ALZ hor LERMA L TER CA CA CA x b PH 23 4 vis 7 pr M Me A NR CA Windows
43. CA PAS d CA inu
44. SSL3 0 SSL3 0 8 3 2 SSL TLS SSL3 0 IPA en Windows SSL 3 0 Windows SSL 3 0 URL Apache Http Server SSL 3 0 Apache Http Server SSL 3 0 URL https access redhat com ja solutions 1232613 POODLE again TLS1 x
45. SSL TLS 26 CRYPTREC 2 2 1 8 RSA SHA 256 RSA SHA 1 SHA 1 SHA 256 RSA 1024 2048 256 ECDSA RSA SHA 1 uu is
46. SSL2 0 SSL3 0 TLS1 0 TLS1 1 TLS1 2 2015 5 IE6 SSL2 0 8 TLS1 1 TLS1 2 TLS1 1 TLS1 2 mmternet Explorer TLS1 2 TLS1 1 TLS1 0 SS
47. RFC TLS1 2 RFC SSL TLS 26 TLS1 2 AES128 SHA SSL TLS 39 Qr E TH d 12 T A TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x00 0x9E TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x00 0x45 B TLS RSA WITH AES 128 GCM SHA256 0x00 0x9C TLS RSA WITH CAMELLIA 128 CBC SHA 0x00 0x41 C D TLS DHE RSA WITH AES 256 GCM SHA3
48. 1 8 1 CRYPTREC 1 ren NR RALXTIDZITUNDEREXE 77 SSL SSL AS CS WOHNEN ROO ORC ORDRE ZH
49. DA 2 BH W E HH E HH ll N CRL L OCSP OCSP 2 OCSP SSL Certificate Revocation List Online Certificate Status Protocol SSL TLS 50 OCSP 2 DDoS OCSP SSL TLS OCSP OCSP
50. RSA E ECDSA DSA T RH H RAND http www secg org certicom_patent_letter_ 7 DSA DSA SSL TLS h SECG pdf SECG Certicom fl 35 zu EX p 6 pr Eu H FEX 22 e 2015 5 zl e ul F E
51. CRIME TIME BREACH SSL TLS OpenSSL Windows 7 2 4 OCSP Sta pling CRL OCSP 1 OCSP
52. E LT UT B VERE 08 E ED M http www cryptrec go jp images cryptrec ciphers list 2013 pdf 1 220
53. DHE 1024 SSL TLS 32 gt CRYPTREC llf 5 UJ A piZ gt H Triple DES RC4 5 SERA 7 1 DSA Triple DES RC4 DSA e e e T DHE AR B A
54. Subject Public Key Info Subject Public Key Algorithm 8 RSA OID 1 2 840 113549 1 1 1 2048 e NHS THER 256 NIST P 256 OID 1 2 840 10045 3 1 7 9 Certificate Signature Algorithm RSA SHA 256 sha256WithRSABncryption OID 1 2 840 113549 1 1 11 2048 ECDSA SHA 256 ecdsa with SHA256 OID 1 2 840 10045 4 3 2 256 NIST P 256 e E
55. 3 e e Java ActiveX on demand e SSL IP SSL TLS SSL VPN VPN SSL TLS On demand
56. R 16 nui Microsoft Internet Explorer FAQ http support2 microsoft com gp microsoft internet explorer Microsoft Internet Explorer Apple Safari gt Google Chrome Mozilla Firefox gt Mobile Safari iOS iOS 8 Mobile Safari SSL TLS BA X 16 Internet Explorer 0 2014 11 10 OS 2015 2016 2017 2018 2019 2020 2021 2022 2023 Internet Explorer 7 Windows Vista SP2 2016 1 12 Windows Vista SP2 2016 1 12 Internet Explorer 8 Windows 7 SP1 2016 1 12 Windows Vista SP2 2017 4 11 Internet Explorer 9 Windows 7 SP1 2016 1 12 Windows 7 SP1 2016 1 12 Internet Explorer 10 Windows 8 2016 1 12 Windows 7 SP1 2020 1 14 Internet Explorer 11 Windows 8 1 2023 1 10 8 2 8 2 1 8 1
57. SHA 256 ECDSA 201 5 SHA 256 ECDSA 8 RSASSA PKCS 1 v1 5 RSA DSA ECDSA SHA 256 SHA 1 5 4 5 4 1
58. SSL TLS Lm F 240 10 2 x 2 2 207 x 38 FH
59. 1 Firefox Firefox X Tou em V v3 8 3 77 Ed 2 HRA U OCSP W OCSP OK 8 3 1 1024 SHA 1 CA Browser Forum 2014 1 1 SSL TLS 57 RSA
60. Mozilla Japan eo eZ ME a EMAER LLL AA EERE SSL TLS 6 2 2 1 SSL TLS 2 1 1 SSL TLS Secure Sockets Layer SSL Netscape fl E SSL 3
61. HTTPS HTTPS RFC 6797 HTTP HTTPS HTTPS includeSubDomains NR HTTP HSTS eo oa T HTTPS HSTS HSTS dodi B Appendix B 4 Firefox 17 HSTS HTTPS 2014 9 HSTS
62. Perfect Forward Secrecy RSA e e ZT DHE 1024 v FEL E ECDHE ECDH 256 RSA 2048 S wl DHE n 6 5 3 uil T e 2 PFS 6 3 3 DHE 1024 DHE
63. AU 5 4 1 CA CA CA y CA CA CA adn CA
64. x x Uv RB NIST SPS00 57 Part 1 revision 3 R3 ABES xxx xxx AES Camellia xxx xxx Camellia RSA xxx xxx RSA DH xxx xxx DH ECDH xxx RD xxx NIST P xxx ECDH ECDSA xxx xxx NIST P xxx ECDSA HMAC SHA xxx HMAC SHA xxx SSL TLS HMAC SHA xxx SHA xxx
65. add header Strict Transport Security max age 31536000 includeSubDomains HTTP HTTPS jisten 80 server listen 80 return 301 https hostname request_uri B 4 4 Microsoft IIS IIS HTTP HSTS ll 1 IIS 2 3 HTTP 4 SSL TLS 78 E F CONTOSODC01 Default Web Site ep r A F V B e Hile Q3 4 93 CONTOSODCO1 CONTOS Web Q 7 HTTP e 4 8 b 9 Default web Site n 7 2m HTP y lt m gt Daea
66. 2048 2048 2048 H 2013 ER UH XC Hc E B 4 D 2015 1 61 5 Apache 2 4 6 Alexa O 52 3 ECDHE 256 DHBE E 1024 DHE Windows Server 2012 Java 7 JDK7 47 2 45 348 62 7 1024
67. 26 T e A A E AET E 27 5 4 1 m 27 5 4 2 CA REBH E OO ZZ 3 7z EAE LA pII auus 28 54 3 i 28 5 4 4 29 6 i 31 Bl EBRI MEOGVUQOS EE oiispriisisimive perisset d brisa ike dp REST 31 6 2 83 C HMEE L wc 7 xx EE 34 6 3 1 Perfect Forward Secrecy 35 6 3 2 Mri 35 6 3 3 DHE ECDHE 36 6 4 EBRI se LESE LOIRE 38 6 5 EBRR PECOT ERRE s iix bb leise hi m pF FF E tps 38 SSL TLS 1 6 5 1 38 6 5 2
68. HTTP SMTP POP SSL TLS 1 SSL TLS
69. Q A S WETI i SSL TLS 65 2 2 pO 7 6 6 i 3 2 A 6 B 6 6 6 i 4 2 um i 5 RSA 2048 iD MEI I MEER ORE E 241 7 h BLEIBE LI d O 4 i s wo ii 3 2 A B ii 5 2
70. CA pt k Ero ZEE CA MZ CA RE fx i E CA RS ee CA CA E E CA
71. 2015 5 e OS gt Windows Vista Service Pack2 2017 4 11 Windows 7 Service Pack 1 2020 4 11 Windows8 2016 1 12 Windows 8 1 2023 1 10 Mac OS X 10 9 Vv V ON Y e OS Android Android4 x gt iOS8 8 1 2 2015 5 8 1 1 OS Microsoft Internet Explorer 2016 1 12 Internet Explorer
72. CRYPTREC CRYPTREC ZT ADF Hj h 2013 3 CRYPTREC 26 26 5 19 6 1 5 L HE 7R 1 b s CRYPTREC
73. OCSP OCSP Stapling 2014 9 Appendix B 5 gt Apache HTTP Server 2 3 3 nginx 1 3 7 Microsoft IIS on Windows Server 2008 Mozilla Firefox 26 gt Microsoft Internet Explorer Windows Vista gt Google Chrome 7 2 5 Public Key Pinning FLAME DigiNotar TURKTRUST lt PKI SSL TLS 51 E
74. 1 0 SSL2 0 1995 1996 SSL3 0 RFC6101 Internet Engineering Task Force IBTF E Transport Layer Security Protocol Version 1 0 TLS1 0 RFC2246 TLS1 0 SSL3 0 TLS1 0 TLS1 0 SSL3 1 CBC TLS1 1 RFC4346 TLS1 0 BBAST C Bii d 5 eus td Do TLS1 2 RFC5246 SHA 2 family SHA 256 SHA 384 MAC f amp SHA 2 family
75. 2 1 SPKI SSL 2014 9 Google Chrome Mozilla Firefox 2 HTTP SSL SPKI IBTF Public Key Pinning Extension for HTTP Appendix B 6 http technet microsoft com ja jp security jj653751 SSL TLS 52 PART II amp SSL TLS 53 8 8 1 8 1 1 OS
76. ii 8 DOHE 2048 FE SSL TLS 64 E EE o PE a a E A E za TLS ECDHE RSA WITH CAMELLIA 128 GCM SHA256 AJ 1 2 LI Q 1 TLS1 0 O TLS1L0 2 Ei 2 2 SSL2 0 SSL3 0 O 3 TLS1 2 osuran Oo noorena LIC os TET 5 nsi 1 6 TLS1 1 E m 3 RSA SHA 256 2048 ECDSA SHA 256 256 NIST P 256 3 2 i RM Subject Public Key Info Sub ject Public Key 1gorithm RSA 2048 256
77. Appendix B 1 1 etc ssl chain crt T Appendix B 3 1 BIZIZ linux DHE 2048 cat dh2048 pem gt gt etc ssl chain crt ECDH ECDHE 256 cat prime256v1 pem gt gt etc ssl chain crt B 3 3 lighttpd DHE ECDH ECDHE lighttpd Appendix B 3 1 Appendix B 1 2 DRE DHE 2048 ssl dh file etc ssl dh2048 pem ECDH ECDHE 256 ssl ec curve prime256v1 B 3 4 nginx DHE ECDH ECDHE nginx Appendix B 3 1 Appendix B 1 3 SSL TLS
78. e Apache 2 2 22 Lighttpd 1 4 28 nginx 1 1 19 IIS 4 0 211 0 Firefox 17 Opera 12 HX AL HX v v Chrome Firefox Opera Safari Internet Explorer Mac OS X Mavericks Windows 10 IE SSL TLS 48 7 3002
79. E amp Backup pinned figerprint SSL primary key pair secondary backup key pair SSL i SSL TLS 80 E max age Public Key Pin
80. SSL TLS bL CU 7 E 3 BLU RU C 1 2 E EZ SSL TLS SSL TLS V SSL TLS 5
81. 9 6 5 2 T e gt CRYPTREC gt 128 gt DSA 5 DSA e gt A B EF 2015 5 128 128
82. 39 6 5 3 42 7 SSL TLS REES SO I eos eo SOURR RED AR ANM ASAS GER ELS al 44 71 ERRECONBBH4ROdRERS RHRIOOUVVCIERE OO E ueste tereti edekeveseakvensi eds 44 7 4 4 Lees 44 7 1 2 t Sv vasvATS b YA UC MENTI 44 7 1 3 ue erm Zero iq TT 45 Td FRO A LL oo eon eot dd t E T 46 7 1 5 46 AMNES Ei TAL I NG 47 7 2 EDRED ol eR r 48 7 2 1 HTTP Strict Transport Security HSTS 48 7 2 2 uci 49 7 2 3 ii 50 7 2 4 OCSP Stapling DREZE ao d coss se n Vhb FUR DOR EE I aec HE Ro LI RR OPES 50 7 2 5 Public Key Pinning 51 PARTII 53 8 oet ete a teet vts 54 8 1
83. TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC0 0x2C TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC0 0x8B 8 TLS ECDHE ECDSA WITH AES 128 GCM SHA256 0xC0 0x2B TLS_ECDHE RSA_WITH_AES_128_GCM_SHA256 0xC0 0x2F TLS ECDHE ECDSA WITH CAMELLIA 128 GCM SHA256 0xC0 0x86 TLS ECDHE RSA WITH CAMELLIA 128 GCM SHA256 0xC0 0x8A ECDHE 256 6 5 2 6 1 12 A B A C
84. www secomtrustnet SECOM Passport for Web EV CA r n 2012 09 11 2014 09 18 BB En A1 Egi SECOM Passport for Web EV CA Egl www secomtrustnet OK d 5 n zm E ESUN FORTY ID Security Communication RootCA1 e Security Communication RootCA1 s 2003 09 30 2023 09 30 s F8 BEROA RTD 1 x shal Security Communication Root 2003 9 30 1320 49 j RSA 2048 Bits 6 ishalRSA E 2023 9 30 13 20 49 jcation Root O RT SSL TLS 89 D 2 Active Directory CA B
85. C 1 Windows 1 gpedit msc Enter 2 gt gt gt SSL 3 SSL SSL SSL 4 SSL SSL Ej SSL soet O C E O D E windows Vista SSL TLS RSA WITH AES 128 CBC SH Secure Socket Layer SSL PR SSL SSL2 SSL3 TLS 1 0 TLS 1 1
86. Sc ifa DH Ephemeral DH ECDH Ephemeral DH RSAES PKCS 1 v1 5 RSA RSASSA PKCS4 v1 5 RSA DSA ECDSA 128 AES 128 256 Ev F Camellia 128 256 Ev F CBC GCM SHA 256 SHA 384 SHA 1 SSL TLS 33 e SSL3 0 64 3 key Triple DES Wi Ey 128 bit RC4 Pe Triple DES X ET EKAT Hi EREU A AIZ RC4 TLS1 0 Triple DE
87. 3 2 SSL TLS 4 5 6 SSL TLS 7 3 3 1 5 SSL TLS 16 5 I D256 bit D128 bit D 128 bit EALO 128 bit 2256 bit 256 bit RC4 Triple DES 2048 1024 v FEL EO DHE 256 DHE SE 256 ECDHE ECDHE R 2048 RSA 226 ECDH GCM CBC SHA 384 SHA 256 SHA 384 SHA 256 SHA 1 TLS1 2
88. SSL TLS 9 2 SSL TLS 3 SSL TLS 4 6 3 7 8 9 SSL TLS SSL VPN
89. 9 Prix zd E 7 si CA il CA CA R CA Baseline Requirement E E Ti E Web E
90. CRYPTREC Report 2013 B E H RSA 10 1 2035 E 10 102 FLOPS X 3 2 SHA 1 RSA1024 2015 5 RSA 2048 ECDSA 256
91. 7 2 Appendix B 4 lt VirtualHost gt letc ssl chain crt etc ss1 server key SSL TLS 71 B 1 2 lighttpd lighttpd modules conf lighttpd conf modules conf server modules mod setenv lighttpd conf SERVER socket 0 0 0 0 443 ssl engine enable ssl pemfile etc ssl serverkey cert pem ul ssl ca file etc ssl ca crt Appendix C 2 ssl cipher list 2 Appendix B 2 2 ssluse ssl honor cipher order enable HTTP Strict Transport Security Public Key Pinning 7 2 Appe
92. 13 3 SSL TLS 8 1 SSL TLS 1994 SSL2 0 3
93. SSL TLS 47 7 2 7 2 1 HTTP Strict Transport Security HSTS HTTP HTTPS SSL strip Moxie Marlinspike C HTTP Strict Transport Security HSTS HSTS SSL TLS HTTP Strict Transport Security max age HSTS HTTPS E ER9ic HTTPS um
94. https factorable netkeycheck html 100 SSL TLS 44 15 DV Domain Validation Web A H E OV Organization Validation H 4
95. CA CA CR DigiNotar i 2011 8 iii ft DigiNotar 4 Appendix D 1 E E CA 2 2011 6 531 1 Google Gmail 1
96. 76 DHE 2048 ssl_dhparam etc ssl dh2048 pem ECDH ECDHE 256 ssl ecdh curve prime256v1 B 4 HTTP Strict Transport Security HSTS B 4 1 Apache HTTP HSTS max age 365 31 536 000 includeSubDomains Header always set Strict Transport Security max age 31536000 includeSubDomains HTTP HTTPS lt VirtualHost 80 gt RewriteRule RewriteEngine lt VirtualHost 80 gt ServerAlias RewriteEngine On RewriteRule https 6 HTTP HOST 1 redirect 301 lt VirtualHost gt B 4 2 lighttpd HTTP HSTS Appen
97. BEAST SSL3 0 POODLE AES Camellia OIZA BH TLS1 1 RFC4346 2006 ZuvZl l amp zcBC ocE RFT U7 8 0 figs d TLS1 0 TLS1 2 TLS1 1 TLS1 2 2013 3 50 E BEAST TLS1 2 RFC5246 2008 CBC IDEA DES MD5 SHA 1
98. server ssl stapling on ssl stapling verify on ssl trusted certificate etc ssl ca certs pem B 5 3 Microsoft IIS Windows Server 2008 Windows OCSP Stapling B 6 Public Key Pinning Public Key Pinning HTTP Public Key Pins HE Public Key Pins pin sha256 SHA 256 pinned fingerprint Base64 pin sha256 SHA 256 backup pinned fingerprint Base64 max age includeSubDomains Pinned fingerprint SSL SHA 256
99. RSA 2048 Bits RSA 2048 E zu ni e ego SSL TLS 88 Qo B SSL x IPv4 c ridi SECOM Trust Systems CO LTD JP SECOM Trust Systems CO LTD EM ra S TE Q EFA E 7 CQ H AFNATLXUNGURT s Web r Y ume ie SECOM Trust Systems CO LTI SECOM Trust Systems CO LTD Shibuya Tokyo Jp _ ID
100. SHA 384 TLS_RSA_WITH_AES_128_CBC_SHA RSA 128 CBC AES AES_128_CBC SHA 1 SSL TLS BRANE TOS SSL TLS SSL TLS EED KO KRETENI ec 6 1 6 2 6 4 6 1
101. CA CA URL URL CA Internet Explorer 11 EV E E CA
102. 3 3 3 A 14 1 2 3 El 3 B 5 All websites affected by the Heartbleed bug Reissued 43 Reissued with same private Revoked 20 key 7 E 3 X Netcraft 21 http news netcraft com archives 2014 05 09 keys left unchanged in many heartbleed replacement certif icates html SSL TLS 30 6 _ _ TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 DHE RSA 256 GCM Camellia CCAMELLIA 256 GCM
103. m PFS DHE DHE 11 44 9 38 0 02 0 0096 0 00 0 00 0 00 m PFS m PFS ECDHE 0 8896 0 8196 0 3696 0 3596 0 1496 0 1096 P 384 P 521 B 571 4 DHE ECDHE Alexa EL JL H FEX SSL TLS H BT Apache Tomcat Microsoft IIS DHE 512 1024 2048 2015 5 2048 1024 RSA
104. DHE SODHEERERSAG mE 6 4 SSL TLS IETF _ _ IETF Du MEC oie iai nM coss 6 5 6 1
105. ccc 54 8 1 1 uic 54 8 12 8 AA 54 8 2 BECB DAWAH epe oe De eter RH ESSERI Dd ete VE ERI TRI VER dS 55 RITE T RR CR TET 55 AME iz NE TU UT 55 83 DDGUSMDBERO IESU ictu toes Hu EM LE 57 8 3 1 1024 SHA 1 57 332 SSES 0 O dE 2 CC 59 9 MO NE ST M Hcc 60 9 1 VPN over SSL SSL VPN 60 DGG Sen 62 Appendix A gt Tay Ro RR PNEY 63 AJ Pues MACRO Bees re v iN NN i ata pert 63 AO Be a Ta ROO ese gen Rau E 64 A3 B assi cave Ov RENS EORR p EL D RR RR 65 A 4 es 68 Appendix B 9 259 4E Bn Ro or aded dca pde Er NV ER an bad capita Pase RE ep IN ER INR 71 Bd F REN USOS D daten ii bird dead nec iaaiaee i 71 B11 Apache OR I 1 71 B E 2 lishtipd JB Ecc esaa e NN EO EHE E RP Re p E E EH 72 UN E TRI SPI aw To IRE 72 SSL TLS 2 B 2 Zua pars Var DREPE L uuu sv n VE e VE ia vi 73 bb ET DE 4 e E T E E NE SE 73 B22 liehttpd
106. 6 B i 3 7 ECDHE ECDH 256 ii 8 RSA 2048 ii 10 DHE 1024 ee g iu ii 13 DES CBC3 SHA EE 9 e mm co 1 T ae MM W na co SH o So S c NIEN BS le kd SSL TLS 69 i RS x i Pl My i ie WO ds EE 7 a e i iol A oci ide i He SEE E D Ed S E ict i 2 1 Ur is m d s it p s ii i Edid ss Hen TIS RSA WITH RC4 128 SHA A WIIH 3DES EDE CBC SHA DHE G WIIH 3DES EDE CBC SHA mu yo meOO Pup ITEM EE TLS TLS 70 Ju SSL TLS
107. Active Directory D 2 CA S E E cic EM Appendix I CA mi SSL TLS 28 E KOTRO RHH CRYPTREC RSA 2048 HH H 10 FLOPS FE MH ECDSA 192
108. A F o E 1024 y FEL E ECDHE ECDH R 256 RSA 2048 6 2 CRYPTREC 2 2 1 amp 9 SSL TLS IETF Cj 9 CRYPTREC
109. Certificate Signature Algorithm 4 i 3 1 aq i 4 1 i 5 DHE 2048 O ii D ii 1 e O d ii 3 1 MBUESU 6 1 1 IR 5 GD ii 4 1 ac 6 5 1 I 5 D ii 5 1 leis O ii 6 ECDHE 256 O ii 7 DHE
110. Em z ii 6 ECDHE ECDH 256 6 5 2 n d ii T RSA 2048 O ii 8 DHE Q ii 9 DHE 1024 Fed J ii 10 ii 11 AES128 SHA Pisa SSL TLS 66 mA OECO Ox m SOCO OESO J lm iii iid H idc 1 PE itat aaa bt IBI El Es 2 HH d opu T d n BE Pase uc Ir E I s AARAA AAAA ANA dada A gaa AAA AAAA A IE AARAA ANA 67 Ju SSL TLS AJ 1 2 EE NENNEN 10 1 5 18 O D 2
111. j 4 m XI SSL3 0 SSL3 0
112. nu HK e gt CRYPTREC gt 128 gt Perfect Forward Secrecy SSL TLS 31 gt DSA 1 DSA e gt oc e e DHE 2048 ECDHE 256
113. C 2 2 OpenSSL Apache C 2 2 VirtualHost SSLCipherSuite SSLCipherSuite SSL TLS 84 lighttpd C 2 2 SERVER ssl cipher list ssl cipher list 2 nginx C 2 2 server ssl_ciphers ssl_ciphers C 2 2 OpenSSL OpenSSL 6 5 GE 17 SSLCipherSuite SSLCipherSuite DHE RSA AES256 GCM SHA384 DHE RS A AES128 GCM SHA256 OpenSSL
114. DV st e c YR Zu zr W p 1 vo E 7 1 3 E j BIZI 4 Agility YRI E o T K B H IN T mer HAERE d 1 E
115. ECDHE SHA 1 RSA1024 RSA 2048 RSA RE gt tas zu DHE 8 1024 98 256 25 https securitypitfalls wordpress com 2015 02 01 january 2015 scan results SSL TLS 36 DHE 2048
116. SSL3 0 SSL3 0 fai SSL3 0 RC4 RC4 SSL3 0 TLS1 0 RC4 TLS1 0 RC4 SSL TLS
117. T Group Policy ee X lt Group Policy 4N e sni Active Directory B Active Directory Windows SSL TLS 90 2015 5 22 1 2015 8 3 1 1 113 6591 28 8 INFORMATION TECHNOLOGY PROMOTION AGENCY JAPAN 2 28 8 HONKOMAGOME BUNKYO KU TOKYO 113 6591 JAPAN 1184 8795 2 1 NATIONAL INSTITUTE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY 4 2 1 NUKUI KITAMACHI KOGANEI TOKYO 184 8795 JAPAN SSL TLS 91
118. 5 4 4 4 E Fi E d 0 REED CSR Certificate Signing Request amp AX Aa x4 Lv 238
119. 6 5 u e DHE RSA AES256 GCM SHA384 DHE RSA AES128 GCM SHA256 e ECDHE ECDS A AES256 GCM SHA384 ECDHE RSA AES256 GCM SHA384 DHE RS A AES2 56 GCM SHA384 ECDHE ECDSA AES128 GCM SHA256 ECDHE RSA AES128 GCM SHA25 6 DHE RSA AES128 GCM SHA256 5 ECDHB AESGCM DHE CAMBELLIA DHE AES DSS DH PSK SRP DHE ABSGCM IDSS PSK SRP 6 5 1 5 ECDHB AESGCM EDH AESGCM DSS PSK ISRP 6 5 1 SSL TLS 85 e DHE RSA AES128 GCM SHA256 DHE RSA AES128 SHA256 DHE RSA CAMELLIA128 SHA DHE RSA AES128 SHA AES128 GCM SHA256 AES128 SHA256 CAMELLIA128 SHA AESI 28 SHA DHE RSA AES256 GCM SHA384 DHE RSA AES256 SHA256 DHE RSA CAMELLIA 256 SHA DHE RSA AES256
120. DSA JE zn EX J ECDSA E CI ECDSA SHA 1 SHA 1 zu SHA 256 F DSA 3 3
121. 17 29000 Qu Q D TLSI1 2 18 E Aso 2 TLS1 1 BG EXE TOV RSA 4 E SIA 25600jlll QU CNEE2018 t ECDSA 7 SHA 25 7 h NIST P 256 LIH 8 Subject nalis Key Info Subje J SUE Ne 2 4 oT RASEN UB PH Bl RE o ZAH ONE 3 6 T IA du Al TEES 6 ADRESE y FUERE LE Ti E Frame sor E n
122. DL ii 7 DHE ii 8 DHE 2048 ESI 4 SSL TLS 63 A 2 DE Q 0D TLS1 2 5 2 TLS1 1 Q 1 HEMDEZ RSA SHA 256 2048 ECDSA SHA 256 256 NIST P 256 2 Subject Public Key Info Sub ject Public Key Algorithm RSA 2048 256
123. HTTP m 2016 1 1 H 12 31 2017 1 1 x Firefox 2014 SSL TLS RSA 2015 SHA 1 E 2015 E23 2048 Firefox 3 201 VE 2017 1 1 UI ZW Y wu 2016 4 E M NONE 2017 1 1 2017 E A E IS He INEA ww t9 QN tA 7 38 http blogs technet com b pki archive 2013 11 12 shal deprecation policy aspx http blog chromium org 2014 09 gradually s
124. 3 6 Appendix 4 6 2 S TS SR OD EXE SE RI E zuo x E IH 1X 4 6 SSL TLS
125. 6 3 3 DHE ECDHE puede ROR ox RSA RSA DEV RSA DHE ECDH ECDHE Rl E DHE ECDHE ECDH 2048 RSA a d ba
126. SSL On demand Java Active X TP Gu xL SSL Tp VPN3 SRL VNE SSL I SSL TLS 6l Appendix SSL TLS 62 Appendix A URL pdf hk http wwwr ipa go jp files 000045632 pdf excel http www ipa go jp files 000045630 xlsx AJ
127. SSL2 0 2005 SSL2 0 SSL3 0 RFC6101 1995 SSL2 0 Jit POODLE CBC E 2014 10 POODLE SSL3 0 SSL3 0 fs EIE IXI LC S 75 POODLE La TLS1 0 RFC2246 1999 MAC HMAC 2015 3 10096 CBC TLS1 0 m F
128. TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 3 2 gt S s E 2 2 D E E O x O O X 4 9 SSL2 0 TLS1 2 6 6 SSL TLS TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 SSL2 0 CBC BEAST POODLE TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 128 AES Camellia GCM CCM SHA 2 SHA 256 SHA 384 MEN SSL TLS 20 2740 SSL3 0 POODLE POODLE BEA
129. Xn 2048 2048 SHA 1 P uu z Wr Microsoft Internet Explorer 2017 1 1 Google Chrome Chrome 39 SHA 1 CE amp zvic 33gl 8 MUFO k SHAR SHA 1 E E ms E RSA xm E 3 39 2017 1 1 p 2016 6 1 H 12 31 2017 1 1
130. gul SSL TLS 27 SSL TLS 5 4 2 CA 5 44 44 SSL TLS CA CA 5 CA
131. 38 10 a TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x00 0x9F TLS DHE RSA WITH CAMELLIA 256_GCM_SHA384 0xC0 0x7D 8 TLS_DHE_RSA_WITH_AES_128_GCM_SHA236 0x00 0x9E TLS DHE RSA WITH CAMELLIA 128 GCM_SHA256 0xC0 0x7C DHE 2048 DHE DHE oc 8 11 ECDH ECDSA 11 11 oc
132. Default Web Site web config 5 max age 365 31 536 000 includeSubDomains Strict Transport Security max age 31536000 includeSubDomains N Btrict Transport Security V max age 31536000 includeSubDomains 60 TOK B 5 OCSP Stapling B 5 1 Apache OCSP staping SSLStaplingCache stapling_cache 128 000 lt VirtualHost 443 gt SSLStaplingCache shmcb tmp stapling cache 128000 SSL TLS 79 lt VirtualHost 443 gt SSLCACertificateFile etc ssl ca certs pem SSLUseStapling on VirtualHost B 5 2 nginx OCSP stapling
133. POODLE 237 SSL3 0 TLS1 x POODLE ILSLx 2 1 TLS1 x SSL3 0 1 TLS1 x POODLE POODLE again S https www imperialviolet org 2014 12 08 poodleagain html 1 https cve mitre org cgi bin cvename cgi name CVE 2014 8730 SSL TLS 21 5 JV 3REB SEO RE XE
134. SHA 256 GCM CCM SHA 256 SHA 384 CBC BEAST TLS_RSA_WITH_AES_128_CBC_SHA 2015 3 5596 7 POODLE Padding Oracle On Downgraded Legacy Encryption SSL3 0 http www ipa go jp security announce 20141017 ssl html SSL TLS 8 2 1 2 SSL TLS
135. SSL TLS 42 23749 FREAK FREAK SSL TLS RSA RSA EXPORT RSA_EXPORT 2000 2048 RSA 512 RSA RSA SSL TLS 512 RSA Amazon EC2 100 12 768
136. Subject Public Key Algorithm RSA OID 1 2 840 113549 1 1 1 2048 e Nha THER 256 NIST P 256 OID 1 2 840 10045 3 1 7 9 Certificate Signature Algorithm RSA 4 L SHA 256 sha256WithRSAEncryption OID 1 2 840 113549 1 1 11 2048 ECDSA SHA 256 ecdsa with SHA256 OID 1 2 840 10045 4 3 2 256 NIST P 256 e e
137. P geo d eco SSL TLS SSL2 0 TLS1 2 4 2 x 6 SSL TLS TLS1 2 e TLSI2 TLS1 1 TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 x x x x O X SSL3 0 SSL2 0 TLS1 1 TLS1 2 e
138. 3 A BEB 3 D i 5 3 eise Ll i 6 RSAN 2048 n O i 7 DHE ooo 1 5 5 RAE 5 3 li 5 1 5 pun wara 3 6 m Ej EH 4 ii 3 Apes s M 7 BOR S 38H 3 j D ii 4 3 G m T T D ii 5 3 A
139. 5 B 6 SHA 256 SHA 1 Public Key Pinning pin sha256 SHA 256 pinned fingerprint Base64 pin sha256 SHA 256 backup pinned fingerprint Base64 max age 6 IOK HSTS Public Key Pinning setenv add response header SSL TLS 82 Appendix C Appendix
140. Firefox 34 Firefox ESR 31 3 0 SSL3 0 SSL TLS 59 9 9 1 VPN over SSL SSL VPN SSL VPN SSL VPN SSL VPN SSL VPN VPN TIPsec VPN VPN VPN SSL TLS Appendix A 3 Appendix A 2 SSL VPN
141. 6 5 2 SSL TLS 40 ECDH ECDSA 13 13 OBERE iB A TLS_ECDHE_BCDSA_WITH_AES_128_GCM_SHA236 0xC0 0x2B TLS ECDHE RSA_WITH_AES_128_GCM_SHA256 0xC0 0x2F TLS ECDHE RSA WITH AES 128 CBC SHA 0xC0 0x13 C TLS ECDH ECDSA WITH AES 128 GCM SHA256 0xC0 0x2D TLS ECDH RSA WITH AES 128 CBC SHA 0xCO 0xOE Dp TLS_ECDHE ECDSA WITH AES 256 GCM SHA384 0xC0 0x2C TLS ECDHE RSA WITH AES 256 GCM SHA384 0xC0 0x30 TLS ECDHE RSA WITH AES 256 CBC SHA 0xCO0 0x14 SSL TLS 41 GER FE TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC0 0x2E TLS ECDH RSA WITH AES 256 CBC SHA 0xCO0 0x0F H 9 EC
142. Base64 OpenSSL PEM Public Key Pins OpenSSL PEM certificate pem SHA 256 Base64 openssl x509 noout in certificate pem pubkey openssl asnlparse noout inform pem out pu blic key openssl dgst sha256 binary public key openssl enc base64 B 6 1 Apache B 6 mod_headers Header always set Public Key Pins pin sha256 SHA 256 pi nned fingerprint Base64 pin sha256 SHA 256 backup pinned fingerprint Base64 max age mod_headers httpd conf v https projects dm id l1v s pkp online calculator html SSL TLS
143. MDS5 SHA 1 e RSA Subject Public Key Info Subject Public Key Algorithm RSA OID 1 2 840 113549 1 1 1 2048 9 X7 SREERAQJA2MS TIG A 238EB EPCOUEA4YJeGU XA Certificate Signature Algorithm SHA 256 SHA 1 RSA 4 SHA 256 sha256WithRSABncryption OID 1 2 840 11
144. REOT Js HAEl ii 5 XELReSLOO REB 4 UAR TATHARITOREE Li 8 1 in ii 6 ECDHEI k 5E DER amp 256 1 HELEIC BUE UI aA E O Q ii DHE ii 8 DHE 2048 Ea R2 SSL TLS 18 4 SSL TLS 1994 SSL2 0 2014 3 TLS1 2 5 4 1 4 2 4 1
145. B 2 2 lighttpd lighttpd SSL TLS 73 e ssl use tlsv1 1 disable ssl use tlsv1 disable ssl use sslv3 disable ssl use sslv2 disable e ssl use sslv3 disable ssl use sslv2 disable e ssl use sslv2 disable B 2 3 nginx nginx TLS1 1 TLS1 2 OpenSSL 1 0 1 Ver 1 1 13 1 0 12 OpenSSL ver 1 0 1 ssl protocols TLSv1 2 e dex 1 1 13 1 0 12 ssl protocols TLSv1 2 TLSv1 1 TLSv1 Ver 1 1 13 1 0 12 OpenSSL ver 1 0 1 ssl protocols TLSv1 ssl protocols TLSv1 2 TLSv1 1 TLSv1 SSLv3 Ver 1 1 13 1 0 12 OpenSSL ver 1 0 1 ssl protocols TLSv1 SSLv3 B 2 4 Microsoft IIS OS SSL TLS 74 TLS1 2 TLS1 1 TLS1 0 SSL3 0 SSL2 0 Win
146. TLS RSA WITH AES 128 CBC SHA TLS RSA WITH AES 256 CBC SHA TLS RSA WITH RC4 128 SHA TLS RSA WITH 3DES EDE CBC SHA TLS ECDHE RSA WITH AES 128 CBC SHA P256 TLS ECDHE RSA WITH AES 128 CBC SHA P384 TLS ECDHE RSA WITH AES 128 CBC SHA P521 TLS ECDHE RSA WITH AES 256 CBC SHA P256 TLS ECDHE RSA WITH AES 256 CBC SHA P384 A Windows Server 2008 2008 R2 2012 2012 R2 GUI NARTAC IIS Crypto https www nartac com Products IIS Crypto SSL TLS 83 1 6 TLS ECDHE ECDSA WITH AES 256 GCM SHA384 P384 TLS ECDHE ECDSA WITH AE S 128 GCM SHA256 P256 TLS ECDHE ECDSA WITH AES 128 GCM SHA256 P256 TLS ECDHE ECDSA WITH AE S 128 CBC SHA256 P256 TLS ECDHE RSA WITH AES 128 CBC SHA256 P256 TLS EC DHE ECDSA WITH AES 128 CBC SHA P256 TLS ECDHE RSA WITH AES 1
147. TLS1 2 TLS1 0 TLS1 2 1 0 SSL3 0 2048 RSA R 256 ECDSA 128 256 AES Camellia RC4 Triple DES 3 3 2 zu gt e h Appendix A SSL TLS
148. Appendix B Appendix BJ B 1 1 Apache Apache HTTP Server httpd ssl conf ds VirtualHost 443 SSLEngine on SSLCertificateFile etc ssl chain crt SSLCertificateKeyFile etc ssl server key Appendix C 2 SSLCipherSuite Appendix B 2 1 SSLProtocol SSLHonorCipherOrder On ZR Ai n Xa HTTP Strict Transport Security OCSP Stapling Public Key Pinning
149. RSA 2010 512 v FO RSA FREAK RSA_EXPORT EXPORT RSA_BEXPORT PFREAK RSA EXPORT RSA_EXPORT Factoring RSA Export Keys SSL TLS 43 7 SSL TLS
150. 38 Eea EE EE 73 1 23 nex D EC Ee a Uni an S ELI Ln Lin A end ip epo Lcid 74 B 2 4 Microsoft IIS see 74 B 3 iie odisti E ctm v lavado v aa rpo E ended 75 B 3 1 OpenSSL DHE ECDH ECDHE 75 B 3 2 Apache DHE ECDH ECDHE Lies 76 B 3 3 lighttpd DHE ECDH ECDHE isse 76 B 3 4 nginx DHE ECDH ECDHE 76 B 4 HTTP Strict Transport Security HSTS 77 BAL Apache ORE oen Vocis EE EEE oe PEE EINE S uim SYS 77 BA 2 DS RO OB Gomes tont tete idet Puit bel lel NN 77 B3 onem NEC kk hk t n db En taa e e OU RASEN CODI Ata El RUN 78 B 4 4 Microsoft IIS ui 78 B5 OCSP Stapling DRED a arae i HE ERA DAE UR FOL Has KM HEX NV IR Ede ed 79 B5 Apache 00 9 E oco a etin Mr o ay ope ab ov Mea tav d Ea B Dra 79 URN IN Rr v2 NR E 80 B 5 3 Microsoft IIS Lt 80 B 6 Public Key Pinning WW oo 80 B 56 l Apache 0 e e AA ESN ASEE adi ede ovt Ord eddie den otv iren o US 81 B 6 2 lighttpd CO mE DI erisera desi EE
151. ER ER 82 B 5 3 mpmco d B eor p UN OMM e DN cni 82 Bi64cMicrosoftHHS 82 Appendix C C oia Qr RO ERR ID o RR I EN ND 83 C 1 Windows Got as b c aH n Eb VIN EE 83 C3 Opens SEL SL ue be Fes Fa RS 84 C 2 1 Apache lighttpd nginx DIRA uec et ele bd re vla cepe rie aded ebato 84 C 2 2 OpenSSL ii 85 Appendix D CA 88 D 1 CA 88 D 2 Active Directory CA 90 SSL TLS 3 2015 8 3 Ver 1 1 Appendix B 6 SSL TLS H yr H 7 BX AE 1 1 1 2013 3 J SSL TLS E
152. SHA AES256 GCM SHA384 AES256 SHA256 CAMELLIA256 SH A AES256 SHA e ECDHE ECDSA AES128 GCM SHA256 ECDHE RSA AES128 GCM SHA256 DHE RSA AESI 28 GCM SHA256 DHE RSA AES128 SHA256 DHE RSA CAMELLIA128 SHA DHE RS A AES 128 SHA AES128 GCM SHA256 AES128 SHA256 CAMELLIA128 SHA AES128 SHA ECDH E CDSA AES128 GCM SHA256 ECDH RSA AES128 GCM SHA256 ECDHE ECDS A AES256 G CM SHA384 ECDHE RSA AES256 GCM SHA384 DHE RSA AES256 GCM SHA384 DHE RS A AES256 SHA256 DHE RSA CAMELLIA256 SHA DHE RSA AES256 SHA AES256 GCM S HA384 AES256 SHA256 CAMELLIA256 SHA AES256 SHA ECDH ECDSA AES256 GCM SH A384 ECDH RS A AES256 GCM SH A384 e DHE RSA AES128 GCM SHA256 DHE RSA AES128 SHA256 DHE RSA CAMELLIA128 SHA DHE RSA AES128 SHA AES128 GCM SHA256 AES128 SHA256 CAMELLIA128 SHA AESI 28 SHA DHE RSA AES256 GCM SHA384 DHE RSA AES256 SHA256 DHE RSA CAMELLIA 256 SHA DHE RSA AES256 SHA AES256 GCM SHA384 AES256 SHA256 CAMELLIA256 SH A AES256 SHA RCA SHA EDH RS A DES CBC3 SHA DES CBC3 SHA 46 DHE AESGCM RSA ABSGCM DHE CAMELLIA DHE AES RSA CAMELLIA RSA AES DSS PSK SRP 6 5 2 47 EBCDHE AESGCM DHE AESGCM RSA ABSGCM DHE CAMELLIA DHE AES RSA CAMBLLI A RSA AES BCDH AES
153. Subject Public Key Info Subject Public Key Algorithm Subjects Public Key Cerdficate Key Usage Subject Public Key Algorithm RSA Certificate Key Usage C Signing Key Encipherment Subject s Public Key l EDA EARE opo 3 S S SS CIE DANTE RSA RA Signing RSA Key Encipherment uu NS xli 5 ul Q LK x id AP 7 Tris 5 9 18 Windows
154. 28 CBC S HA P256 TLS RSA WITH AES 128 CBC SHA256 TLS RSA WITH AES 128 CBC SHA T LS ECDHE ECDSA WITH AES 256 GCM SHA384 P384 TLS ECDHE ECDSA WITH AES 256 CBC SHA384 P384 TLS ECDHE RSA WITH AES 256 CBC SHA384 P256 TLS ECD HE ECDSA WITH AES 256 CBC SHA P256 TLS ECDHE RSA WITH AES 256 CBC SH A P256 TLS RSA WITH AES 256 CBC SHA256 TLS RSA WITH AES 256 CBC SHA TLS ECDHE ECDSA WITH AES 128 GCM SHA256 P256 TLS ECDHE ECDSA WITH AE S 128 CBC SHA256 P256 TLS ECDHE RSA WITH AES 128 CBC SHA256 P256 TLS EC DHE ECDSA WITH AES 128 CBC SHA P256 TLS ECDHE RSA WITH AES 128 CBC S HA P256 TLS RSA WITH AES 128 CBC SHA256 TLS RSA WITH AES 128 CBC SHA T LS ECDHE ECDSA WITH AES 256 GCM SHA384 P384 TLS ECDHE ECDSA WITH AES 256 CBC SHA384 P384 TLS ECDHE RSA WITH AES 256 CBC SHA384 P256 TLS ECD HE ECDSA WITH AES 256 CBC SHA P256 TLS ECDHE RSA WITH AES 256 CBC SH A P256 TLS RSA WITH AES 256 CBC SHA256 TLS RSA WITH AES 256 CBC SHA TLS RSA WITH RCA4 128 SHA TLS RSA WITH 3DES EDE CBC SHA A gt OK 7 C 2 OpenSSL C 2 1 Apache lighttpd nginx Apache lighttpd nginx
155. 3549 1 1 11 2048 RSA amp SHA 1 shalWithRSABncryption OID 1 2 840 113549 1 1 5 2048 SHA 1 SHA 1 8 3 1 uli e E e
156. 81 LoadModule headers module modules mod headers so B 6 2 lighttpd B 6 setenv add response header Public Key Pins gt pin sha256 SHA 256 pinned fingerprint Base64 pin sha256 SHA 256 backup pinned fingerprint Base64 max age B 6 3 nginx B 6 add header Public Key Pins pin sha256 SHA 256 pinned fingerprint Base64 pin sha256 SHA 256 backup pinned fingerprint Base64 max age B 6 4 Microsoft IIS IIS B 6 1 IS 2 3 HTTP 4
157. 84 0x00 0x9F TLS DHE RSA WITH CAMELLIA 256 CBC SHA 0x00 0x88 E TLS RSA WITH AES 256 GCM SHA384 0x00 0x9D TLS RSA WITH CAMELLIA 256 CBC SHA 0x00 0x84 F 9 DHE 1024 RSA 2048 DHE DHE A F 13 TLS1 1 TLS1 0 Triple DES SSL TLS BEAST AES
158. AES 256 CBC SHA DHE RSA AES256 SHA TLS DHE RSA WITH AES 128 CBC SHA DHE RSA AES128 SHA TLS RSA WITH AES 256 GCM SHA384 AES256 GCM SHA384 TLS_RSA_WITH_AES_128_GCM_SHA23S6 AES128 GCM SHA2S6 TLS RSA WITH AES 256 CBC SHA256 AES256 SHA256 TLS RSA WITH AES 128 CBC SHA256 AES128 SHA256 TLS RSA WITH CAMELLIA 256 SHA CAMELLIA256 SHA TLS RSA WITH CAMELLIA 128 SHA CAMELLIA128 SHA TLS RSA WITH AES 256 CBC SHA AES256 SHA TLS RSA WITH AES 128 CBC SHA AES128 SHA TLS ECDH RSA WITH AES 256 GCM SHA384 ECDH RSA AES256 GCM SHA384 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH BCDSA AES256 GCM SHA384 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA236 ECDH ECDSA AES128 GCM SHA2S6 TLS_BCDH_RSA_WITH_AES_128_GCM_SHA236 ECDH RSA AES128 GCM SHA256 TLS RSA WITH RCA4 128 SHA RC4 SHA TLS DHE RSA WITH 3DES EDE CBC SHA EDH RSA DES CBC3 SHA TLS RSA WITH 3DES EDE CBC SHA DES CBC3 SHA SSL TLS 87 Appendix D CA D 1 CA CA
159. DHE ECDH 256 6 5 3 6 1 14 A B A A F 6 3 2 G HH RFC TLS1 2 TLS1 1 TLS1 0 RFC SSL TLS
160. GCM DSS PSK SRP 6 5 2 48 DHE AESGCM RSA AESGCM DHE CAMELLIA DHE AES RSA CAMELLIA RSA AES RC4 S HA EDH RSA DES CBC3 SHA DES CBC3 SHA DSS PSK SRP 6 5 3 SSL TLS 86 17 6 5 OpenSSL TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE ECDSA AES256 GCM SHA384 TLS ECDHE RSA WITH AES 256 GCM SHA384 ECDHE RSA AES256 GCM SHA384 TLS ECDHE ECDSA WITH AES 128 GCM SHA256 ECDHE ECDSA AES128 GCM SHA256 TLS ECDHE RSA WITH AES 128 GCM SHA256 ECDHE RSA AES128 GCM SHA256 TLS DHE RSA WITH AES 256 GCM SHA384 DHE RSA AES256 GCM SHA384 TLS DHE RSA WITH AES 128 GCM SHA256 DHE RSA AES128 GCM SHA256 TLS DHE RSA WITH AES 256 CBC SHA256 DHE RSA AES256 SHA256 TLS DHE RSA WITH AES 128 CBC SHA256 DHE RSA AES128 SHA256 TLS DHE RSA WITH CAMELLIA 256 CBC SHA DHE RSA CAMELLIA256 SHA TLS DHE RSA WITH CAMELLIA 128 CBC SHA DHE RSA CAMELLIA128 SHA TLS DHE RSA WITH
161. L3 0 SSL2 0 IE6 x x A O O IE7 x x O O A IE8 A A O O A IE9 A A O O A IE10 A A O O A IE11 A A O O A ON 4 OFR X SSL TLS 56 f8 amp amp 20224 ER BERTE DOM JRR SmartScreen SSL 2 0 SSL 30 TLS 1 0 TLS 1 1 TLS 1 2 SS S S S HiME RE Ae hz e dz POST POST duod vimm Sr Calc 1 Internet Explorer Internet Explorer RI Internet Explorer yty KS
162. PSK KRB ECDH ECDSA 651 6 1 10 oc o 8 SSL TLS
163. S RC4 TLS1 0 Triple DES TLS1 0 Triple DES AES Camellia TLS1 0 RC4 e TLS1 0 RC4 AES Camellia e NN RC4 RC4 DAL NN CE NIST ENISA SSL TLS RC4 6 3 SSL TLS NC
164. SSL TLS 27 8 CX 1 OE 5 MENE C CES dica CORPER 5 DONE T 0o 2 o 2m T 5 1 3 D N A En S 6 2 7 2c SSSRIPES OW B esee i LM 7 2 1 1 CDINR DA LM NNHHRNET E 7 2 152 7 Sk 9 22 ol su rcd MOL RTT 10 2343 CRYPIRECIHEE IR P au exiQdit stindv ia Ei 10 2 2 2 RUE SEES JE LAICISU XESNEO BOE us sies e E rr REESE IREH DN FUN R uS 10 PARTI i 13 3 Muu 14 OM NMEE Eo 6 qox Soo S aci EE 14 EME uo LOL A NERONI ONT 16 PAESI 3 poo wc TEPORE 17 4 TA cc I a A OR T a a E E E EEE 19 l 7a FaN q oV Veo m RIBOE aeos eiin A ke E EENE 19 4 2 Ta parr VaV L DREMEN LG erbe YER bebe e EVEO UNE 20 5 uci 22 5 1 tte 22 5 2 uuu 26 5 8
165. ST SSL3 0 CBC BEAST BEAST 1 N 1 POODLE SSL3 0 SSL3 0 1 1 256 DV POODLE SSL3 0
166. Trusted Third Party CA I Web Trust for CA CA B Bs Web 1 o e E 3 4 5 6 1 SSL TLS Certificate Authority SSL TLS 9 2 9 2 2 1 CRYPTREC CRYPTREC
167. dix B 1 2 lighttpd conf max age 365 31 536 000 includeSubDomains setenv add response header Strict Transport Security gt max age 31536000 includeSubDomains 72313 HTTP HTTPS Appendix B 1 2 modules conf lighttpd conf SSL TLS 77 modules conf k T server modules mod redirect qui lighttpd conf SHTTP scheme http HTTP host url redirect gt https 260 0 B 4 3 nginx HTTP HSTS max age 365 31 536 000 includeSubDomains
168. dows Server 2008 x x O O O Windows Vista x x O O Windows Server 2008 R2 O O O Windows 7 Windows O O O O O O X Schanneldl https support microsoft com en us kb 245030 B 3 mPpE XLRDUTG4U HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecurityProvidersXSchannelY ProtocolsXSSL 2 0XServer DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecurityProvidersXSchannelY ProtocolsXSSL 3 0XServer DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYSecurityProvidersXSchannelY Protocols TLS 1 0XServer DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecurityProvidersXSchannelY Protocols TLS 1 1 Server DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecurityProvidersXSchannelY Protocols SSL 2 0XServer DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecur
169. ityProvidersXSchannelY ProtocolsXSSL 3 0XServer DisabledByDefault dword 00000001 HKEY LOCAL MACHINEXSYSTEMxXCurrentControlSetXControlYXSecurityProvidersXSchannelY ProtocolsXSSL 2 0XServer DisabledByDefault dword 00000001 B 3 1 OpenSSL DHE ECDH ECDHE OpenSSL DHE 2048 SSL TLS 75 m openssl dhparam out dh2048 pem outform PEM 2048 ECDH ECDHE 256 openssl ecparam out prime256v1 pem name prime256v1 B 3 2 Apache DHE ECDH ECDHE SSLCertificateFile PEM SSL Apache 2 4 7 SSLCertficateFile DHE BCDH ECDHE Appendix B 1 1
170. ndix B 4 Hlighttpd OCSP Stapling B 1 3 nginx nginx nginx conf server listen 443 ssl SSL TLS 72 ul ssl certificate etc ssl chain crt n ss certificate key etc ssl server key Appendix C2 ssl ciphers Appendix B 2 3 ss protocols Ss prefer server ciphers on HTTP Strict Transport Security OCSP Stapling Public Key Pinning 7 2 Appendix B 4 B2 B 2 1 Apache Apache e SSLProtocol TLSv1 2 e SSLProtocol All SSLv2 SSLv3 SSLProtocol All SSLv2
171. ning OK max age Known Pinned Host includeSubDomains Public Key Pins pin sha256 OQtXc8 scL7K6HiPksQ8mqglyY08Xdc4Z5raHT xSh9 s pin sha256 kb6xLprt35abNnSn74my4DkfyaOarbk5zN5a60YzuqE max age 3000 includeSubDomains SSL 1 SHA 256 pinned fingerprint Base64 QtXc8 SHA 256 backup pinned fingerprint Base64 kb6xLp max age 30 3 000
172. unsetting sha 1 html https groups google com a chromium org forum ft topic security dev QNV Vo4 dyQE https wiki mozilla org CA MD5and1024 https blog mozilla org security 2014 09 23 phasing out certificates with sha 1 based signaturealgorith ms SSL TLS 58 8 3 0 SSL3 0 POODLE SSL3 0 Internet Explorer MS15 032 lInternet Explorer 3038314 C X 0 Internet Explorer 11 SSL3 Internet Explorer URL 3009008 https technet microsoft com ja jp library security 3009008 aspx Google Chrome Chrome 40 SSL3 0 Firefox 0 SSL3 0 TAT PARAYI

「SSL/TLS暗号設定ガイドライン」(v1.1)

Contents

Download Pdf Manuals

Related Search

Related Contents