Closed Bug 1134437 Opened 5 years ago Closed 5 years ago

Delay move to PFS cipher suites

Categories

(Core :: WebRTC: Networking, defect)

37 Branch
defect
Not set

Tracking

()

RESOLVED FIXED
mozilla37
Tracking Status
firefox36 --- unaffected
firefox37 + fixed
firefox38 --- wontfix

People

(Reporter: msander, Assigned: mt)

References

Details

Attachments

(1 file, 1 obsolete file)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36

Steps to reproduce:

The move to support only PFS cipher suites in Fx 37 will cause interoperability problems for 0penTok mobile clients using older versions of webrtc.org code.

In addition to supporting browsers like FireFox and Chrome, we also have a number of partners who use WebRTC using native applications built on top of native mobile SDKs. These applications routinely rely on interoperability with browsers as part of their use-case.

The versions of mobile SDKs out in the wild are built on top of the webrtc.org code-base that is unable to do ECDHE suites and in turn cause interoperaibility issues when FF is not able to act as a server for DHE suites.

Both FF37 and Chrome interoperability has been resolved by a) https://bugzilla.mozilla.org/show_bug.cgi?id=1052610 and b) https://code.google.com/p/chromium/issues/detail?id=406458 respectively.

We are in the process of updating our mobile SDKs to support using PFS cipher suites but it usually takes more than 6 weeks for the average mobile application update cycle. As it stands today, interoperability with FireFox 37 will be broken once FF37 moves to production - https://wiki.mozilla.org/RapidRelease/Calendar#Future_branch_dates. 

We were wondering if support for non-PFS ciphers can be enabled in FF37 and PFS support pushed to FF38. This would help increase the percentage of end-users using mobile applications to receive the update in time to prevent interoperability issues with FireFox when FF38 lands into production.
Tagging EKR and Brad, since they've given this some thought.
Flags: needinfo?(ekr)
Flags: needinfo?(blassey.bugs)
OS: Mac OS X → All
Hardware: x86 → All
My interest is in not delaying the transition to PFS-only indefinitely.

If we land https://bugzilla.mozilla.org/show_bug.cgi?id=102794 will there
be any objection to turning this on?
Flags: needinfo?(ekr)
I am OK with pushing this off to 38, but not any further than that (it is an ESR release).
Flags: needinfo?(blassey.bugs)
Martin -- Would you have time to write a patch for this bug (to delay enforcing cipher suites in Fx37 only)?   I'm copying Richard who I'm hoping has the time to review such a patch when it's ready.  

FYI: Fx37 uplifts to Beta next week, and I believe Beta-build1 "goes to build" on Tuesday/Wednesday.  We don't have to land this in time for build1 of Beta (this isn't a fire drill), but it would be nice.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(martin.thomson)
Delaying this until Fx38 will be really helpful, thank you.
I'm going to re-enable both TLS 1.2 and the static RSA cipher suites in Aurora only.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=f388153986c8
https://reviewboard.mozilla.org/r/4053
Flags: needinfo?(martin.thomson)
Attached file MozReview Request: bz://1134437/mt (obsolete) —
/r/4055 - Bug 1134437 - Enable TLS 1.2 and static RSA ciphersuites, r=abr

Pull down this commit:

hg pull review -r 725160562d1deaf20750dca18ab27cccda32390f
Attachment #8566878 - Flags: review?(adam)
https://reviewboard.mozilla.org/r/4055/#review3255

To the extent that I understand the problem, this appears to address it. I'm not an expert on the suites that we're re-enabling, but trust that Martin got that part right.
Attachment #8566878 - Flags: review?(adam) → review+
Comment on attachment 8566878 [details]
MozReview Request: bz://1134437/mt

Approval Request Comment
[Feature/regressing bug #]: bug 1052610
[User impact if declined]: some WebRTC applications will not interoperate with Firefox, we've been asked to give them a little more time to update
[Describe test coverage new/current, TreeHerder]: TBPL and unit tests are OK with this; the area has good automated coverage
[Risks and why]: only that this is no longer considered "good" crypto
[String/UUID change made/needed]: none

Note: aurora/37 only please, we don't want this in 38
Attachment #8566878 - Flags: approval-mozilla-aurora?
Comment on attachment 8566878 [details]
MozReview Request: bz://1134437/mt

OK. Let's defer the security change to 38 and re-enable TLS 1.2 and static RSA ciphersuites in 37. Aurora+
Attachment #8566878 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Depends on: 1052610
https://hg.mozilla.org/releases/mozilla-aurora/rev/366436d0a508
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Assignee: nobody → martin.thomson
Target Milestone: --- → mozilla37
Hi Michael -- The patch for this has now landed on Aurora (Fx37) and should be in the Aurora Nightly build tomorrow (Feb 21).  Can you help us test this and verify that this patch works as expected for you?  Thanks.
Flags: needinfo?(msander)
Yes, I'll let you know.
This is working as expected, thank you!
Flags: needinfo?(msander)
Attachment #8566878 - Attachment is obsolete: true
Attachment #8619520 - Flags: review+
You need to log in before you can comment on or make changes to this bug.