-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC7465: Prohibiting RC4 Cipher Suites #153
Comments
@vincenthz @ocheron The next version would be major. We should think this again. |
To me the policy is already addressed with the addition of With what we have now, I don't see any use for |
to clarify, I called the "policy" a way to dynamically set the tls capability we allow/deny/use-by-default related to various criterion. For example I expect to be able to create a file in my home directory, or a service's working directory that contains policy statements, similar to this non-exhaustive list of example:
Once every policy choice are override-able, we can tighten the core to be more secure by default (not allow RC4 by default, not allow DH under < 1000 bits, etc.), without having a massive amount of users creating issues like "I can't access my private network SSL3 service from 2003 using triple DES" |
For a general-purpose library like connection that makes sense. push-notify-ccs has the only reference to ciphersuite_medium. (for simplicity I excluded packages with outdated tls dependencies) |
OK. I agree. |
No objection. |
Since nobody uses What should we do? |
Just FYI. Our company, IIJ, had kept RC4 on www.iij.ad.jp for a loooong time because a very few clients use RC4. But we finally threw RC4 away. |
I'm not usually a big fan about this argument, but consider that not all packages are public. I don't want to worry too much about stuff I don't know (for obvious reason), but it's hard to have real numbers about what is being used and where. it's only when you take things away that people manifest their unhappiness. I agree that the different categories of cipher is not really useful, and also slightly arbitrary, but until we have a real dynamic policy capability, I worry about doing this kind of changes. If we had the policy configuration, then we can get rid of all those cipher/versioning/hashing/certificates choices and instead just "hardcode" some reasonable secure choices with the assumption that anyone can have the configuration they need by editing couple of text file. |
adding to @kazu-yamamoto comment, I've seen private services still use SSL3/TLS10 with real and scary known openssl holes in them. There's an argument to be made for sure to not help them support this kind of thing (and the browser ecosystem actively throwing old stuff away has really helped us for the last few years), but haskell |
I think we have consensus that the library can stay agnostic and should provide what is necessary to make a choice at compile-time and runtime. We have recommandations for those who wish to be "secure" (default) and "very secure" (strong). It's just a matter of maintaining the lists and communicating over. Up until very recently #168 was not even in the CHANGELOG... The problem I have with For completeness I should also add that 4 public packages use |
I would like to propose:
|
I think here, this is the right thing to do, first a weak signal of future incoming removal, then .. profits |
From RFC7465:
And section 2, changes to TLS:
Removing RC4 from
ciphersuite_all
probably fixes quite a few other packages depending on safe set of defaults provided byciphersuite_all
. RFC is so strict that maybe removing RC4 fromciphersuite_medium
is also worth doing.The text was updated successfully, but these errors were encountered: