Closed Bug 1305561 Opened 8 years ago Closed 8 years ago

CloudFlare triggers unsafe negotiation warning with TLS 1.3

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla52
Tracking Flags:
Tracking Status
firefox52 --- fixed

People

(Reporter: sjw+bugzilla, Assigned: emk)

References

(Blocks 1 open bug)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Bug 1305561 - Do not check renego extension when TLS version is 1.3.
58 bytes, text/x-review-board-request
keeler
: review+
Details 
STR:
Set the following values in about:config:
security.tls.version.max = 4
security.ssl.require_safe_negotiation = true
security.ssl.treat_unsafe_negotiation_as_broken = true

Browse to a site that is served by CloudFlare and has TLS 1.3 enabled, e.g. https://blog.cloudflare.com/


Expected results:
If CloudFlare supports secure renegotiation in TLS 1.3 the warning should not be shown.

If CloudFlare does not support secure renegotiation in TLS 1.3 the site should not load at all, because of require_safe_negotiation.


Actual results:
The lock icon will get a warning triangle and the site info panel says, the site uses weak encryption. But the site loads fine.
TLS 1.2 works fine without any warning.
Blocks: 665859, 1286694
Note: sites that are using mod_nss also work fine for me (e.g. https://tls13.crypto.mozilla.org/)
TLS 1.3 killed renegotiation. We should rather suppress warning if the negotiated TLS version is >=1.3.
Comment on attachment 8795242 [details]
Bug 1305561 - Do not check renego extension when TLS version is 1.3.

https://reviewboard.mozilla.org/r/81366/#review80072

Looks good. Just the one comment.

::: security/manager/ssl/nsNSSCallbacks.cpp:1192
(Diff revision 2)
>            cipherInfo.symCipher);
>      }
>    }
>  
>    PRBool siteSupportsSafeRenego;
> +  if (channelInfo.protocolVersion <= SSL_LIBRARY_VERSION_TLS_1_2) {

I think it might be safer to make this `if (channelInfo.protocolVersion != SSL_LIBRARY_VERSION_TLS_1_3) {`
Attachment #8795242 - Flags: review?(dkeeler) → review+
Pushed by VYV03354@nifty.ne.jp:
https://hg.mozilla.org/integration/autoland/rev/bf025a49293e
Do not check renego extension when TLS version is 1.3. r=keeler
Assignee: nobody → VYV03354
Priority: -- → P1
Whiteboard: [psm-assigned]
https://hg.mozilla.org/mozilla-central/rev/bf025a49293e
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox52: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: