Closed Bug 1227521 Opened 9 years ago Closed 2 years ago

[meta] tracking bug for disabling TLS 1.0 and 1.1

Categories: Core :: Security: PSM (task, P3)

Status: RESOLVED FIXED

People: Reporter: tranogatha, Unassigned

Keywords: meta, Whiteboard: [psm-deprecation]

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:44.0) Gecko/20100101 Firefox/44.0
Build ID: 20151124004047

Steps to reproduce:

TLSv1.0 and TLSv1.1 have problems that are fixed in TLSv1.2, hence the plan for getting rid of TLSv1.0 and TLSv1.1 support in Firefox. This will make it simpler when TLSv1.3 comes along, so that we only support TLSv1.3 and TLSv1.2, instead of having to support 4 different versions.
Group: firefox-core-security
Component: Untriaged → Security: PSM
Product: Firefox → Core
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [psm-deprecation]
I propose to NOT completely remove TLSv1.0/1.1 since many people still need that. E.g. me for connecting to an old server with remote access control (e.g. Dell DRAC4/5). I would have to stop using FF which would be a shame!
I felt like I should respond to hans - older hardware is annoying for sure when it comes to SSL, but I hope that that wouldn't be a blocker to protecting the web by default. You could perhaps do what I did when SSLv2 was dropped. I just grabbed an old copy of Firefox off the FTP server, set it up in its own folder with its own clearly labeled launcher, and used that for all the hardware that didn't support anything better.

Given how broken TLS 1.0 is, hopefully they'll start by bumping the config flag and doing that for a while, before dropping support outright. Seems bug #1336812 is proposing that.

Also, it seemed worth mentioning that while PCI backed off on TLS 1.0 deprecation until 2018, that date is fast approaching. Maybe next year will be when browsers shift. Perhaps sometime between now and then browsers will start adding a ⚠ warning to HTTPS connections using TLS 1.0.
Priority: -- → P3
Depends on: 1535210
Depends on: 1532806
Summary: Establish deprecation date for TLSv1.0 and TLSv1.1 → Establish deprecation for TLSv1.0 and TLSv1.1

I would like to support hans05's position. I too have a device (Orange Funbox 2.0) that supports only TLSv1.0 at the moment (the device is supported though and an upgrade is likely, though not necessarily before the deadline).

I would like to propose that, after the deprecation date:

  1. TLS 1.0 and TLS 1.1 be left enabled for devices on the local network,
  2. Firefox show an overridable warning when opening webpages that do not support TLS 1.2.

This would make for a smooth transition. Otherwise too much electronic equipment will end up in the trash unnecessarily. As can be read in the iFixit manifesto, "repair is better than recycling".

No need to panic. Ideally you would then just create a second profile on about:profiles, start it, open about:config and set security.tls.version.min to 1.

(In reply to Mateusz Jończyk from comment #5)

> Otherwise too much electronic equipment will end up in the trash unnecessarily. As can be read in the iFixit manifesto, "repair is better than recycling".

That's why better regulation and open source firmware are desirable.
Such old devices likely have other security issues plaguing the internet. There are reasons it's called "Internet of Shit" instead of "Internet of Things". ;-)

> Such old devices likely have other security issues plaguing the internet.

No support for TLS1.2 does not necessarily mean that the devices are insecure. Support for TLS1.2 simply did not use to be important until browsers decided to deprecate the older versions [4]. Let me remind you that Firefox is deprecating TLS1.0 not because of any known serious security issues [3]. Additionally, these devices are typically used only on the local network (home routers by default do not expose the management interface to the Internet).

The Orange Funbox 2.0 is well supported security-wise (it even received an update some time ago that changed the default password to a string derived from the WPA key printed on the sticker [2]; I have tried hacking into it and failed) and it still doesn't support TLS1.2.

Because of that, even relatively newer devices will be affected (I would argue that a big proportion of devices that were sold immediately before the deprecation announcement). Like it or not, home users do not upgrade router firmware even if it is available. The 1.5 year deadline is simply too short for home devices.

> Ideally you would then just create a second profile on about:profiles, start it, open about:config and set security.tls.version.min to 1.

The simpler alternative would be to connect to the devices with plain HTTP. It is not clear whether setting security.tls.version.min will work after the deprecation date, or for how long.

> That's why better regulation and open source firmware are desirable.

We are talking about existing devices, and there is not going to be any "better regulation" in the nearest future. Open source replacement firmware is too difficult for most users to use (I personally use DD-WRT and have serious problems with it [1]) and in many cases nonexistent (printers, or newer routers after the FCC / EU regulation).


[1] Ironically, a feature that does not work on my DD-WRT router is https support. DD-WRT is difficult to use, with contradictory information on the webpage and suggestions to read lengthy forum posts. (For the record: I am a programmer.)

[2] This is to be appreciated because it was likely to make supporting the devices more expensive (support calls are expensive for an ISP).

[3] https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ "Though we are not aware of specific problems with TLS 1.0 that require immediate action, several aspects of the design are neither as strong or as robust as we would like given the nature of the Internet today."

[4] Many appliances do not support TLS1.2 because they are resource-constrained and use older (or stripped) versions of libraries, which need less memory and flash space.

I would like to suggest deploying a telemetry probe that will measure how many devices on the local network require TLS1.0. This will give some data.

(I'm not sure how to formally propose a telemetry probe and who to needinfo).

What is a 'local network'? Or how could telemetry know if it's local?
IPv4 ranges might work in some cases, but in larger networks there are multiple subnets with different policies. For IPv6 it's even harder to guess if the scope is local or not.

If you really depend on legacy devices that enforce HTTPS, but do not support TLS 1.2, you should put a reverse proxy in front of them.
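To make the "what is a local network" question above concrete, here is an added example (not Firefox code and not part of this bug) of the address-based heuristic a telemetry probe would have to use. The category names, the choice of ranges, and the treatment of DNS names are this example's own assumptions; it shows where the heuristic gives a clear answer and where it cannot.

```python
"""Classify a URL host as local / ambiguous / global / unknown by address.

Added example for the telemetry discussion; not Firefox code and not part of
the bug. Category names and the list of ambiguous ranges are assumptions.
"""
import ipaddress

# Ranges that are local to the LAN or the host by definition.
LOCAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private
    "169.254.0.0/16",                                  # IPv4 link-local
    "127.0.0.0/8",                                     # IPv4 loopback
    "fc00::/7",                                        # IPv6 ULA (RFC 4193)
    "fe80::/10",                                       # IPv6 link-local
    "::1/128",                                         # IPv6 loopback
)]

# Ranges an address-based heuristic cannot decide: CGNAT space (RFC 6598)
# sits between the home router and the ISP, so a device there is "local"
# from the router's point of view but not on the user's own LAN.
AMBIGUOUS_NETWORKS = [ipaddress.ip_network("100.64.0.0/10")]


def classify_host(host: str) -> str:
    """Return "local", "ambiguous", "global" or "unknown" for a URL host.

    host is the URL host component: an IPv4 literal, a bracketed IPv6 literal
    (optionally with a zone id), or a DNS name. Names are "unknown" unless they
    are loopback or mDNS names, because the decision needs the resolved address,
    and split-horizon DNS can resolve one name to a LAN address in the office
    and a global address at home.
    """
    h = host.strip().lower()
    if h.startswith("[") and h.endswith("]"):
        h = h[1:-1]
    try:
        ip = ipaddress.ip_address(h)
    except ValueError:
        if h == "localhost" or h.endswith(".localhost") or h.endswith(".local"):
            return "local"
        return "unknown"
    # ::ffff:a.b.c.d is an IPv4 address in IPv6 clothing; judge the IPv4 part.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # "ip in net" is False when the address families differ, so mixing v4
    # and v6 networks in one list is safe.
    if any(ip in net for net in LOCAL_NETWORKS):
        return "local"
    if any(ip in net for net in AMBIGUOUS_NETWORKS):
        return "ambiguous"
    return "global"


if __name__ == "__main__":
    # Constructed sample hosts, not data from the bug.
    for h in ("192.168.1.1", "[fe80::1%eth0]", "fd00::1", "::ffff:10.0.0.5",
              "100.64.3.7", "8.8.8.8", "2001:db8::1", "router.local", "example.com"):
        print(f"{h:20} -> {classify_host(h)}")
```

Even where this answers "local", it says only that the address is RFC 1918 or ULA: a corporate intranet server on 10/8 and a home router on 192.168/16 look the same, and a home device reached by its IPv6 global address looks "global", which is exactly the multi-subnet and IPv6 objection raised above.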

Type: defect → task
Depends on: 1579270, 1604267
Summary: Establish deprecation for TLSv1.0 and TLSv1.1 → [meta] tracking bug for disabling TLS 1.0 and 1.1
Version: 44 Branch → unspecified
Depends on: 1606733
Depends on: 1606734
Depends on: 1607371
Depends on: 1506392
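The reverse-proxy suggestion above, as an added configuration example (not from this bug, not Firefox code, and not any vendor's documentation): nginx terminates TLS 1.2/1.3 towards the browser and speaks TLS 1.0/1.1 only on the hop to the appliance. The address 192.168.1.1, the name drac.lan, and the certificate paths are assumptions.

```nginx
# Added example: nginx in front of a TLS 1.0-only management interface.
# 192.168.1.1, drac.lan and the certificate paths are assumed, not from the bug.
server {
    listen 443 ssl;
    server_name drac.lan;                      # name the browser uses

    ssl_certificate     /etc/nginx/certs/drac.lan.crt;
    ssl_certificate_key /etc/nginx/certs/drac.lan.key;
    ssl_protocols       TLSv1.2 TLSv1.3;       # what Firefox sees: nothing older

    location / {
        proxy_pass https://192.168.1.1;
        proxy_ssl_protocols TLSv1 TLSv1.1;     # what the appliance can do
        # With OpenSSL 3.x the default security level refuses TLS < 1.2,
        # so the upstream cipher string has to lower it for this hop only.
        proxy_ssl_ciphers "DEFAULT:@SECLEVEL=0";
        # Pin the appliance's own (usually self-signed) certificate instead of
        # turning verification off; the legacy hop still gets checked.
        proxy_ssl_verify on;
        proxy_ssl_trusted_certificate /etc/nginx/certs/drac-appliance.crt;
        proxy_ssl_name drac.lan;               # name expected in that certificate
        proxy_set_header Host $host;
    }
}
```

If the appliance certificate carries no usable name, proxy_ssl_verify will fail the handshake; the choice is then to re-issue or re-export the appliance certificate, or to accept an unverified hop on a LAN you control, and that choice should be made explicitly rather than by default.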

Is there an updated statistic for https://tlscanary.mozilla.org/?

See Also: → 1227524
Depends on: 1618615
See Also: → 1496639
Depends on: 1623534
Depends on: 1623536
Depends on: 1626495
Depends on: 1643229

From https://discourse.mozilla.org/t/winding-down-support-for-tls-1-0-and-1-1/64320/2?u=grahamperrin (bumped):

Is there a plan to deprecate the effectiveness of security.tls.version.enable-deprecated and if so, when might that happen?

Chrome 95.0 has disabled TLS 1.0 and TLS 1.1, so I think Firefox could do that too without any problem.

Firefox already disabled TLS 1.0/1.1. I'm not sure why this bug is still open.

(In reply to Masatoshi Kimura [:emk] from comment #14)

> Firefox already disabled TLS 1.0/1.1. I'm not sure why this bug is still open.

We've disabled it "by default" (this bug depends on bug 1606734, which is FIXED), but it's still possible to re-enable. This is a bigger picture bug about getting rid of it fully.

According to bug 1686573, the minimum DTLS version is 1.2 now.
It is time to close this bug.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED

Does this ticket track when TLS 1.0/1.1 support has been actually removed from Firefox, or just the ability to use the UI to re-enable support?

If it is tracking actual removal, then the ticket should be reopened.

Steps to reproduce:

  1. In about:config, set security.tls.version.min to 1
  2. Visit a TLS 1.0-only site like https://tls-v1-0.badssl.com:1010/
  3. Visit a TLS 1.1-only site like https://tls-v1-1.badssl.com:1011/
  4. Sites are still accessible

Tested on Firefox 104.0.2 and 105.0.1 (64-bit Windows).
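The steps above re-enable the old versions inside Firefox and check by eye. An added example (not Firefox code and not part of the bug) that settles the same question from the client side without a browser: probe each protocol version separately against the two badssl hosts named above. The helper names and the SECLEVEL handling are this example's own assumptions.

```python
"""Probe which TLS protocol versions a server will actually negotiate.

Added example for the steps-to-reproduce comment above; not Firefox code and
not part of the bug. The badssl hosts are the ones named in that comment; the
helper names and the SECLEVEL handling are assumptions of this example.
"""
import socket
import ssl

# Order matters: lowest_negotiated() reports the first version that succeeds.
PROBE_VERSIONS = {
    "TLSv1.0": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}


def build_context(version: ssl.TLSVersion, verify: bool = True) -> ssl.SSLContext:
    """Client context pinned to exactly one protocol version."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = version
    ctx.maximum_version = version
    if version < ssl.TLSVersion.TLSv1_2:
        # OpenSSL 3.x refuses TLS 1.0/1.1 at its default security level, so a
        # probe for the legacy versions must drop to level 0. LibreSSL has no
        # SECLEVEL syntax and raises; the probe then runs with the defaults.
        try:
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
        except ssl.SSLError:
            pass
    if not verify:
        # Legacy appliances usually present self-signed certificates; this
        # probe is about the protocol version, not certificate validity.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def probe(host: str, port: int, name: str, timeout: float = 5.0,
          verify: bool = True) -> tuple:
    """Return ("ok", negotiated_version), ("refused", reason) or ("error", reason)."""
    ctx = build_context(PROBE_VERSIONS[name], verify=verify)
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return ("ok", tls.version())
    except ssl.SSLError as exc:      # handshake rejected: alert, no shared version, ...
        return ("refused", exc.reason or str(exc))
    except OSError as exc:           # DNS failure, connection refused, timeout
        return ("error", str(exc))


def probe_all(host: str, port: int, verify: bool = True) -> dict:
    """Probe every version in PROBE_VERSIONS, one handshake each."""
    return {name: probe(host, port, name, verify=verify) for name in PROBE_VERSIONS}


def lowest_negotiated(results: dict):
    """Name of the oldest version the server accepted, or None if none did."""
    for name in PROBE_VERSIONS:
        status, _ = results.get(name, ("error", "not probed"))
        if status == "ok":
            return name
    return None


if __name__ == "__main__":
    for host, port in (("tls-v1-0.badssl.com", 1010), ("tls-v1-1.badssl.com", 1011)):
        results = probe_all(host, port)
        for name, (status, detail) in results.items():
            print(f"{host}:{port} {name}: {status} ({detail})")
        print(f"  oldest version accepted: {lowest_negotiated(results)}")
```

A "refused" result for TLSv1.0 against a host you expect to be legacy-only can also mean the local OpenSSL refused to offer it, which is why the context lowers the security level for the sub-1.2 probes; compare against the TLSv1.2 result before concluding anything about the server.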
