Closed Bug 1311296 Opened 8 years ago Closed 8 years ago

Tracker for building TLS 1.3 in NSS

Categories

(NSS :: Libraries, defect)

3.27
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: KaiE, Assigned: mt)

Details

Attachments

(1 file, 1 obsolete file)

As we saw in bug 1306985, we need to be careful about enabling TLS 1.3 by default.

This is a tracker bug to coordinate the future action of enabling it again.

Please also see Wan-Teh's bug 1306985 comment 6.
Current version of the draft shouldn't cause this kind of issues though as the version negotiation mechanism was changed. In tests for extension intolerance I see similar incidence for intolerance of new signature algorithms as I do for new extensions (at around 0.07%) so once NSS implements -16 version of the draft we shouldn't see significant problems.

I still need to add a test with a real TLSv1.3 hello to the scans though, so the final amount of problematic servers may be higher, but not significantly so.
(In reply to Hubert Kario from comment #1)
> Current version of the draft shouldn't cause this kind of issues though as
> the version negotiation mechanism was changed. In tests for extension
> intolerance I see similar incidence for intolerance of new signature
> algorithms as I do for new extensions (at around 0.07%) so once NSS
> implements -16 version of the draft we shouldn't see significant problems.

Draft 16 landed a while ago. And the version negotiation extension even earlier. So I currently don't see a reason not to enable TLS1.3 by default in 3.28.
Note that the change to signature algorithms causes more server incompatibility than TLS 1.3 based on our measurements.  Signature algorithms are on by default, TLS 1.3 is off by default.  I'd say that we're OK to turn this on now.
Attached patch bug1311296-1.patch (obsolete) — Splinter Review
Assignee: nobody → martin.thomson
Attachment #8807413 - Flags: review?(kaie)
I'd like to get this into 3.28.
Target Milestone: --- → 3.28
I don't think anyone switched to the gyp builds yet (FF will probably switch for the next release), but 1.3 is enabled by default there because it doesn't set NSS_DISABLE_TLS_1_3=1.
I realized that I missed a few things, then more arrived (readme.md for example).
Attachment #8807413 - Attachment is obsolete: true
Attachment #8807413 - Flags: review?(kaie)
Attachment #8808031 - Flags: review?(kaie)
I'd like to ask, is there a need from the Mozilla side to have this enabled by default by NSS, or would it equally work for you to simply enable it with an override build configuration for Firefox 52?

It might be nice to do the NSS-default-enabling in steps.

Because of issues in NSS 3.27, and because of changes you have made in the meantime, you believe that NSS 3.28 might be the first version where it's safe to build it by default. But are we completely sure it's safe?

An alternative could be to still keep it disabled (not built) in NSS 3.28 by default, but encourage consumers (in the release notes) to start building with it enabled. We could enable it by default in Fedora, and only revert if really necessary.

Then, enabling it by default could be made in a future version (maybe 3.29), after we had had the chance to collect wider feedback.
Clarifying the subject, because this bug is about "building by default" (not enabling the protocol by default).
Summary: Tracker for enabling TLS 1.3 in NSS → Tracker for building TLS 1.3 in NSS
Yes, this is about building by default.  The problems we had in 3.27 were incompatibility issues.  We believe (and our experience deploying this in Firefox supports this) that the changes we made in 3.28 have reduced, if not eliminated compatibility issues.

Frankly, this isn't about Firefox, we're overriding the defaults there.  I think it's more about trying to shake out the problems.  I am OK with this being deferred a release.

We're a long way away from enabling this by default.  Maybe as much as a year away.
Let's do this for NSS 3.29

Let's ask consumers of NSS 3.28 to test with TLS 1.3 built by default.
(Daiki, the suggestion is that we try it in Fedora, when we pick up NSS 3.28 there.)
Target Milestone: 3.28 → 3.29
Comment on attachment 8808031 [details] [diff] [review]
bug1311296-1.patch

r=kaie for NSS 3.29
Attachment #8808031 - Flags: review?(kaie) → review+
https://hg.mozilla.org/projects/nss/rev/0ce009e2303a
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED