(→Owner) |
|||
Line 8: | Line 8: | ||
* Name: [[User:Nmav| Nikos Mavrogiannopoulos]] | * Name: [[User:Nmav| Nikos Mavrogiannopoulos]] | ||
* Email: nmav@redhat.com | * Email: nmav@redhat.com | ||
* Release notes owner: | * Release notes owner: [[User:mccann2| Sandra McCann]] | ||
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo) | <!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo) | ||
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address> | * FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address> |
Latest revision as of 13:35, 25 August 2015
Disable SSL3 and RC4 by default
Summary
This change will disable by default the SSL 3.0 protocol and the RC4 cipher in components which use the system wide crypto policy. That is, gnutls and openssl libraries, and all the applications based on them.
Owner
- Name: Nikos Mavrogiannopoulos
- Email: nmav@redhat.com
- Release notes owner: Sandra McCann
Current status
Detailed Description
There are serious vulnerabilities known to the SSL 3.0 protocol, since a decade. Recent attacks (e.g., the POODLE issue #1152789) take advantage of them, negating the secrecy offerings of the protocol. The RC4 cipher is also considered cryptographically broken, and new attacks against its secrecy are made known every year (#1207101). Since attacks are only getting better, we should disable these broken protocols and ciphers system wide.
Benefit to Fedora
We will ship applications that support by default the known to be secure ciphers. Applications will still be able to enable the old ciphers and protocols for compatibility, but only after user override, or interaction.
Scope
- Proposal owners:
The crypto-policies package has to be updated to accommodate the new policies.
- Other developers: Should verify that their package works after the change. That is that their package doesn't require only SSL 3.0, or only the RC4 ciphersuites. If their package requires these options due to design, they should consider contacting upstream to update the software. If that is not possible, or this support is needed to contact legacy servers, they should consider not using the system wide policy, and make that apparent in the package documentation.
- Release engineering: This feature doesn't require coordination with release engineering.
- Policies and guidelines: The packaging guidelines do not need to be changed.
Upgrade/compatibility impact
After this change, there may be no impact on compatibility after upgrade, if the local network of the user contains servers which only support the removed protocols or ciphers.
How To Test
Common applications that depend on openssl or gnutls should be tested against known servers on the internet or LAN.
User Experience
If users rely on infrastructure which deploys the legacy protocols, ciphers they will be denied access to it. They will be able to enable the old ciphers globally be switching to LEGACY policy and running update-crypto-policies
Dependencies
repoquery --whatrequires gnutls repoquery --whatrequires openssl
Contingency Plan
- Contingency mechanism: The owner will revert the change
- Contingency deadline: beta freeze
- Blocks release? No
- Blocks product? No
Documentation
No documentation is available.
Release Notes
It should be mentioned in the released notes that SSL 3.0 and the RC4 cipher are not enabled by default in the programs we ship. Unfortunately that will not be in all programs we ship but in the programs that adhere to system-wide crypto policy. I.e., currently all applications that utilize TLS via NSS will not be affected by this change.