httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From William A Rowe Jr <wr...@rowe-clan.net>
Subject Re: Re: Disable SSLv3 by default
Date Mon, 04 May 2015 21:33:05 GMT
On Mon, May 4, 2015 at 4:26 PM, William A Rowe Jr <wrowe@rowe-clan.net>
wrote:

> --------- Original Message ---------
> Subject: Re: Disable SSLv3 by default
> From: "Arkadiusz Miƛkiewicz" <arekm@maven.pl>
> Date: 10/17/14 1:57 pm
> To: dev@httpd.apache.org
>
> On Friday 17 of October 2014, Kaspar Brand wrote:
> > On 17.10.2014 12:02, Takashi Sato wrote:
> > > SSLv3 is now insecure (CVE-2014-3566, POODLE)
> > > Let's disable SSLv3 by default, at least trunk.
> > >
> > > SSLProtocol default is "all".
> > > <http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslprotocol>
> > > "all" means "a shortcut for ``+SSLv3 +TLSv1'' or - when using OpenSSL
> > > 1.0.1 and later - ``+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2, respectively."
> > >
> > > Should we remove SSLv3 from "all" ?
> >
> > From a semantic point of view, I wouldn't do that. As long as we still
> > allow SSLv3 to be used, "all" should really mean "all protocols which
> > can be enabled in mod_ssl".
>
> Then add "safe" option (leaving "all" as is) and make "safe" default. safe
> would point to known safe protocols at release time.
>
>
> Is this a responsible recommendation, though?  Does TLSv1.0 offer any
> significant improvement over SSLv3.0 that HTTP server project endorses?
> Can or should 'we' officially designate SSLv3 as undesirable without
> making the same recommendation for TLSv1.0?
>
> It seems to me that SAFE at this time is TLSv1.2.
>
> It also seems to me that the first problem to solve is to ensure if the
> user
> removes SSLv3 (+/- TLSv1.0) from their openssl installed binary, that we
> simply respect that.  In that case, 'SSLProtocol all' should be just the
> remaining supported TLSv1.1 and TLSv1.2 protocols, or TLSv1.2-only.
>


And as I purge out all of my stale drafts - I notice this was brought up
again
w.r.t. POODLE.  I don't believe we want to alter the behavior of any config
that the user has deployed on a subrevision update (2.4.13 or 2.2.30, for
ex.)

We should propose solid new default configs, including the exclusion of both
SSLv3.0 and TLSv1.0, and aim to default to TLSv1.2 only (ciphers and
protocols)
effective with 2.6 or 3.0, and by default on maintenance branches as of the
beginning
of the coming year.

Mime
View raw message