Subject: Do not override protocols and ciphers by default
The current IO::Socket::SSL documentation reads:
* Set 'SSL_version' or 'SSL_cipher_list' to a "better" value.
IO::Socket::SSL tries to set these values to reasonable secure values,
which are compatible with the rest of the world. But, there are some
scripts or modules out there, which tried to be smart and get more
secure or compatible settings. Unfortunately, they did this years ago
and never updated these values, so they are still forced to do only
'TLSv1' (instead of also using TLSv12 or TLSv11). Or they set 'HIGH'
as the cipher list and thought they are secure, but did not notice
that 'HIGH' includes anonymous ciphers, e.g. without identification of
the peer.
So it is recommended to leave the settings at the secure defaults
which IO::Socket::SSL sets and which get updated from time to time to
better fit the real world.
Looking at the IO::Socket::SSL history, one can see a lot of changes in the default protocol and cipher list, varying from "ALL:!LOW" to "ciphers with forward secrecy, disables anonymous authentication and disables known insecure ciphers like MD5, DES etc.".
I believe that the last quoted paragraph applies not only to IO::Socket::SSL users, but to IO::Socket::SSL as an OpenSSL user too.
There are many other OpenSSL users next to IO::Socket::SSL/Net::SSLeay, and from a system administrator's point of view, tuning the default settings in one place, e.g. in OpenSSL, is the only sane option. (Actually there is an aim to make the configuration common for all cryptographic libraries like OpenSSL, GnuTLS, NSS, JDK. See <https://fedoraproject.org/wiki/Changes/CryptoPolicy> and <http://lwn.net/Articles/589197/> for more details.)
Therefore I propose to drop, or to allow inhibiting at build time, all the policy hackery implemented in IO::Socket::SSL and leave it up to the underlying cryptographic library (OpenSSL in this case).
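
An added example, not part of the original report or of IO::Socket::SSL itself: a small Python auditor that finds hardcoded 'SSL_version' / 'SSL_cipher_list' overrides of the kind the quoted documentation warns about. The Perl sample is constructed, the function names are hypothetical, and treating a missing `!aNULL` as a finding is a heuristic assumption.

```python
import re

# Matches  SSL_version => 'value'  or  SSL_cipher_list => "value"  in Perl source.
OVERRIDE_RE = re.compile(r"""\b(SSL_version|SSL_cipher_list)\s*=>\s*(['"])(.*?)\2""")

def classify(option, value):
    """Explain why a hardcoded value deserves review (heuristic)."""
    tokens = [t for t in re.split(r"[:, ]+", value) if t]
    if option == "SSL_version":
        # A single protocol name with no exclusions pins the connection to it.
        if len(tokens) == 1 and not tokens[0].startswith("SSLv23"):
            return "pinned to one protocol; newer versions are never negotiated"
        return "overrides the default protocol set"
    # SSL_cipher_list: the quoted documentation notes that 'HIGH' alone
    # still admits anonymous (unauthenticated) suites.
    if "!aNULL" not in tokens:
        return "no !aNULL; anonymous ciphers may be included"
    return "overrides the default cipher list"

def audit_perl_source(text):
    """Return (line_no, option, value, note) for each hardcoded override."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        code = line.split("#", 1)[0]  # crude: drop trailing Perl comments
        for option, _quote, value in OVERRIDE_RE.findall(code):
            findings.append((line_no, option, value, classify(option, value)))
    return findings

# Constructed sample input, not taken from any real module.
SAMPLE = '''\
my $s1 = IO::Socket::SSL->new(PeerHost => $h, SSL_version => 'TLSv1');
my $s2 = IO::Socket::SSL->new(PeerHost => $h, SSL_cipher_list => "HIGH");
my $s3 = IO::Socket::SSL->new(PeerHost => $h);   # defaults: nothing to report
my $s4 = IO::Socket::SSL->new(PeerHost => $h, SSL_cipher_list => 'HIGH:!aNULL:!MD5');
'''

if __name__ == "__main__":
    for line_no, option, value, note in audit_perl_source(SAMPLE):
        print(f"line {line_no}: {option} => '{value}': {note}")
```

Every hit is a place where a library-level or system-wide default would be silently bypassed, so it is worth reviewing even when the value itself looks reasonable.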