Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Increase security of TLS settings in 3.10 #88164

Closed
tiran opened this issue May 1, 2021 · 4 comments
Closed

Increase security of TLS settings in 3.10 #88164

tiran opened this issue May 1, 2021 · 4 comments
Assignees

Comments

@tiran
Copy link
Member

@tiran tiran commented May 1, 2021

BPO 43998
Nosy @tiran, @hynek
PRs
  • #25778
  • #25790
  • Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = 'https://github.com/tiran'
    closed_at = <Date 2021-05-01.18:53:40.368>
    created_at = <Date 2021-05-01.10:41:52.117>
    labels = ['type-security', 'expert-SSL', '3.10', '3.11']
    title = 'Increase security of TLS settings in 3.10'
    updated_at = <Date 2021-05-01.20:17:08.005>
    user = 'https://github.com/tiran'

    bugs.python.org fields:

    activity = <Date 2021-05-01.20:17:08.005>
    actor = 'christian.heimes'
    assignee = 'christian.heimes'
    closed = True
    closed_date = <Date 2021-05-01.18:53:40.368>
    closer = 'christian.heimes'
    components = ['SSL']
    creation = <Date 2021-05-01.10:41:52.117>
    creator = 'christian.heimes'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 43998
    keywords = ['patch']
    message_count = 4.0
    messages = ['392582', '392586', '392616', '392629']
    nosy_count = 2.0
    nosy_names = ['christian.heimes', 'hynek']
    pr_nums = ['25778', '25790']
    priority = 'normal'
    resolution = 'fixed'
    stage = 'resolved'
    status = 'closed'
    superseder = None
    type = 'security'
    url = 'https://bugs.python.org/issue43998'
    versions = ['Python 3.10', 'Python 3.11']

    @tiran
    Copy link
    Member Author

    @tiran tiran commented May 1, 2021

    It's 2021. TLS 1.0 and 1.1 have been deprecated in RFC 8996. Browsers have disabled TLS 1.0 and 1.1, too. Python should no longer enable TLS 1.1 by default and require strong TLS ciphers with forward secrecy.

    I'm going to update Python's default cipher suite based on Hynek's excellent blog post https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ . I'll deviate in two minor points:

    • keep ephemeral, finite field Diffie-Hellman for legacy hardware. It's not that insecure, just slow.
    • enforce security level 2 to require strong RSA and DH keys. @SECLEVEL=2 enforced minimum of 112 bits security. Almost all common RSA certificates use 2048 bits RSA signature.

    I'm also going to set TLS 1.2 as minimum protocol version with Python is compiled with --with-ssl-default-suites=python or --with-ssl-default-suites=custom_string. Distro vendors can use --with-ssl-default-suites=openssl to override the setting.

    @tiran tiran self-assigned this May 1, 2021
    @tiran tiran self-assigned this May 1, 2021
    @tiran tiran added expert-SSL type-security labels May 1, 2021
    @tiran
    Copy link
    Member Author

    @tiran tiran commented May 1, 2021

    $ openssl ciphers -v '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM'
    TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
    TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
    TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
    TLS_AES_128_CCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESCCM(128) Mac=AEAD
    ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
    ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
    ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
    ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
    ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
    ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
    ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
    ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
    ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
    ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
    DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
    DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
    DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
    DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256

    @tiran
    Copy link
    Member Author

    @tiran tiran commented May 1, 2021

    New changeset e983252 by Christian Heimes in branch 'master':
    bpo-43998: Default to TLS 1.2 and increase cipher suite security (GH-25778)
    e983252

    @tiran tiran closed this as completed May 1, 2021
    @tiran tiran closed this as completed May 1, 2021
    @tiran
    Copy link
    Member Author

    @tiran tiran commented May 1, 2021

    New changeset a5669b3 by Christian Heimes in branch 'master':
    bpo-43998: Fix testing without ssl module (GH-25790)
    a5669b3

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Projects
    None yet
    Development

    No branches or pull requests

    1 participant