From: Jimmy Yuen Ho Wong
Newsgroups: gmane.emacs.bugs
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Thu, 28 Jun 2018 16:58:51 +0100
References: <87fu1apchn.fsf@gmail.com> <83in65r4n9.fsf@gnu.org> <87y3f1njku.fsf@gmail.com> <87tvpnojgt.fsf@gmail.com>
In-Reply-To: <87tvpnojgt.fsf@gmail.com>
To: Noam Postavsky
Cc: 31946@debbugs.gnu.org, Lars Ingebrigtsen
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: security

> > So, the client side can't be patched, and the server side doesn't really
> > need to be patched (just leave the "reuse ephemeral key" option turned
> > off).

He's talking about GnuTLS servers; nobody uses GnuTLS on the server side. Also, GnuTLS' implementation of RFC 7919 doesn't seem to be in the 3.5.x branch.

A bit more of an update from my research: the authoritative list of browser capabilities is actually https://www.ssllabs.com/ssltest/clients.html . We can see that only IE and Opera still support DHE_RSA KX, and these browsers don't matter as game changers.

Unless we plan to require GnuTLS 3.6+, we'll definitely need to warn at the 'medium' level. This is a super simple check.

> Furthermore, it seems gnutls has added support for standardized primes,
> so that pretty much resolves the issue as much as it can be:

WRT RFC 7919, IMO, it is dead on arrival, even when it is approved. With DHE-based ciphers removed in browsers, the only real options are TLS 1.2/1.3 with ECDHE KX, and falling back to TLS 1.2 with RSA KX.
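The "super simple check" the message refers to, written out as an added example that is not the Emacs NSM's own code: a check function in the shape NSM uses for its protocol checks (it takes the host, port and peer-status plist and returns a warning string, or nil when there is nothing to report) that flags finite-field Diffie-Hellman key exchange. It assumes the status plist carries the negotiated key exchange name under `:key-exchange`, as the plist returned by `gnutls-peer-status` does; the function name `example-nsm-check--dhe-kx` and the sample statuses are constructed for illustration.

```elisp
;; Added example, not Emacs's own NSM code.  Shaped like an NSM protocol
;; check: (HOST PORT STATUS &optional SETTINGS) -> warning string or nil.
;; Assumption: STATUS holds the key exchange name under :key-exchange, as
;; `gnutls-peer-status' reports it ("DHE-RSA", "ECDHE-RSA", "RSA", ...).

(defun example-nsm-check--dhe-kx (host port status &optional _settings)
  "Warn when HOST:PORT negotiated a finite-field Diffie-Hellman key exchange.
STATUS is a `gnutls-peer-status'-style plist.  Return a warning string for
DHE-based key exchange and nil for ECDHE or plain RSA key exchange."
  (let ((kx (plist-get status :key-exchange)))
    ;; Match "DHE" as a whole word at the very start of the name, so
    ;; "DHE-RSA" and "DHE-DSS" are flagged while "ECDHE-RSA" (elliptic-curve
    ;; DH, which the message treats as the option to keep) is not.
    (when (and (stringp kx)
               (string-match-p "\\`DHE\\b" kx))
      (format "Finite-field Diffie-Hellman key exchange (%s) is used by %s:%s"
              kx host port))))

;; Constructed sample peer statuses, not captured from a real connection.
(let ((dhe-status   '(:protocol "TLS1.2" :key-exchange "DHE-RSA"   :cipher "AES-128-GCM"))
      (ecdhe-status '(:protocol "TLS1.2" :key-exchange "ECDHE-RSA" :cipher "AES-128-GCM"))
      (rsa-status   '(:protocol "TLS1.2" :key-exchange "RSA"       :cipher "AES-128-CBC")))
  (list (example-nsm-check--dhe-kx "example.com" 443 dhe-status)
        (example-nsm-check--dhe-kx "example.com" 443 ecdhe-status)
        (example-nsm-check--dhe-kx "example.com" 443 rsa-status)))
```

Evaluating the final form returns a three-element list: a warning string for the DHE-RSA status and nil for the ECDHE-RSA and RSA statuses. The check itself only decides whether there is something to warn about; the level at which NSM raises it is a matter of NSM's configuration, which is where the 'medium' placement discussed above belongs.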