cipherrun 0.3.0

A fast, modular, and scalable TLS/SSL security scanner written in Rust
id: mozilla-modern
name: Mozilla Modern TLS Configuration
version: 5.7
description: Mozilla Server Side TLS Configuration - Modern Profile (maximum security, some compatibility loss)
organization: Mozilla Foundation
effective_date: 2023-01-01

requirements:
  - id: MOZ-MODERN-1
    name: TLS 1.3 Only
    description: Only TLS 1.3 is permitted for maximum security
    category: Protocol Security
    severity: high
    remediation: |
      Configure servers to accept only TLS 1.3:
      - This provides the strongest security posture
      - Note: Some older clients may not support TLS 1.3
      - Consider using Intermediate profile if compatibility is needed

      TLS 1.3 improvements:
      - Faster handshakes (1-RTT, 0-RTT)
      - Mandatory forward secrecy
      - Removal of legacy algorithms
      - Encrypted handshake
    rules:
      - type: ProtocolVersion
        allowed:
          - TLS 1.3
        denied:
          - SSLv2
          - SSLv3
          - TLS 1.0
          - TLS 1.1
          - TLS 1.2

  - id: MOZ-MODERN-2
    name: Modern Cipher Suites Only
    description: Only modern AEAD cipher suites are permitted
    category: Cipher Security
    severity: high
    remediation: |
      Configure only the following cipher suites (in order of preference):
      1. TLS_AES_128_GCM_SHA256
      2. TLS_AES_256_GCM_SHA384
      3. TLS_CHACHA20_POLY1305_SHA256

      Disable all legacy cipher suites including:
      - CBC mode ciphers
      - Non-AEAD ciphers
      - RSA key exchange ciphers
    rules:
      - type: CipherSuite
        allowed_patterns:
          - "TLS_AES_128_GCM_SHA256"
          - "TLS_AES_256_GCM_SHA384"
          - "TLS_CHACHA20_POLY1305_SHA256"
        denied_patterns:
          - ".*_CBC_.*"
          - ".*_NULL_.*"
          - ".*_EXPORT_.*"
          - ".*_DES_.*"
          - ".*_3DES_.*"
          - ".*_RC4_.*"

  - id: MOZ-MODERN-3
    name: Strong Certificate Keys
    description: Minimum 2048-bit RSA or 256-bit ECC keys
    category: Certificate Security
    severity: high
    remediation: |
      Use strong cryptographic keys:
      - RSA: 2048 bits minimum (3072+ bits recommended)
      - ECC: 256 bits minimum (384 bits recommended)
      - P-256, P-384, or P-521 curves for ECC

      Replace any certificates with weaker keys.
    rules:
      - type: CertificateKeySize
        min_rsa_bits: 2048
        min_ecc_bits: 256

  - id: MOZ-MODERN-4
    name: SHA-2 Signatures Only
    description: Only SHA-2 family signature algorithms permitted
    category: Certificate Security
    severity: high
    remediation: |
      Use strong signature algorithms:
      - SHA-256 (minimum)
      - SHA-384
      - SHA-512

      Replace certificates using MD5 or SHA-1.
    rules:
      - type: SignatureAlgorithm
        allowed:
          - sha256
          - sha384
          - sha512
        denied:
          - md5
          - sha1

  - id: MOZ-MODERN-5
    name: Valid Certificate Chain
    description: Complete and valid certificate chain required
    category: Certificate Security
    severity: critical
    remediation: |
      Ensure proper certificate configuration:
      - Valid chain to trusted root CA
      - No expired certificates
      - Hostname matches certificate
      - OCSP stapling enabled (recommended)
    rules:
      - type: CertificateValidation
        require_valid_chain: true
        require_unexpired: true
        require_hostname_match: true

  - id: MOZ-MODERN-6
    name: Forward Secrecy Mandatory
    description: All TLS 1.3 cipher suites provide forward secrecy by default
    category: Cipher Security
    severity: high
    remediation: |
      TLS 1.3 provides perfect forward secrecy (PFS) by default.
      All TLS 1.3 cipher suites use ephemeral key exchange (ECDHE).
    rules:
      - type: ForwardSecrecy
        required: true

  - id: MOZ-MODERN-7
    name: No Known Vulnerabilities
    description: Server must be free of known TLS/SSL vulnerabilities
    category: Vulnerability
    severity: critical
    remediation: |
      Ensure server is not vulnerable to:
      - Heartbleed, POODLE, BEAST, CRIME
      - FREAK, Logjam, DROWN
      - Any other known TLS/SSL vulnerabilities

      Keep software updated to latest versions.
    rules:
      - type: Vulnerability