Closed Bug 144510 Opened 22 years ago Closed 22 years ago

Add support for AES ciphers

Categories

(Core Graveyard :: Security: UI, defect, P1)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 184940
Milestone:
psm2.4

People

(Reporter: KaiE, Assigned: KaiE)

References

Details

AES ciphers should be supported by Mozilla.

Because the new UI implemented in bug 102633 does not work as expected, a new
solution needs to be searched.

However, it is requested that as a temporary measure, the old UI is used to
implement the UI for enabling/disabling the AES ciphers.


Before I can start to work on it, I need the following information:

1.)
===
Please provide the list of NSS' internal cipher identifiers that should be
enabled in PSM. I don't want to make a mistake, and I'd like to ask the NSS team
for help to provide the list of cipher identifiers.

2.)
===
Please decide, which of the ciphers listed in 1.) should become enabled by default.
Status: NEW → ASSIGNED
Keywords: nsbeta1+
Whiteboard: [adt1 rtm]
Summary: Enable AES ciphers by default → Add support for AES ciphers / enable by default
Nelson, could you answer Kai's questions 1 and 2?

Kai, I seem to remember Nelson already answered these questions
before, but I can't find the bug number.  Here are my answers
as an initial proposal.

1. I suggest that we add the AES and DHE ciphers to the list.

    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
    TLS_RSA_WITH_AES_256_CBC_SHA,

    TLS_DHE_DSS_WITH_RC4_128_SHA,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
    TLS_RSA_WITH_AES_128_CBC_SHA,

    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,

    SSL_DHE_RSA_WITH_DES_CBC_SHA,
    SSL_DHE_DSS_WITH_DES_CBC_SHA,

2. I believe the policy is that all new ciphers should be disabled
by default.

Wan-Teh: Stephane asked me, as a first step, to only add the AES ciphers.


Kai,

There are six AES ciphersuites added in NSS 3.4:

    * TLS_DHE_DSS_WITH_AES_128_CBC_SHA
    * TLS_DHE_DSS_WITH_AES_256_CBC_SHA
    * TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    * TLS_RSA_WITH_AES_128_CBC_SHA
    * TLS_RSA_WITH_AES_256_CBC_SHA

(See the NSS 3.4 Release Notes at
http://www.mozilla.org/projects/security/pki/nss/nss-3.4/nss-3.4-release-notes.html)

Kai, we all agree here. Please add the cyphers Wan-Teh listed.

Adding Terry Hayes to the cc list.  Terry please add your $.02.

I agree that those are the 6 AES ciphersuites, and I agree that it's
OK to add them to the UI so they can be enabled or disabled by the user.

However, I believe it is still appropriate that these ciphersuites 
should not be enabled by default.  The reason is that the IETF TLS working
group has recently been considering changing the definition of these 
cipher suites, to make them work differently than the present Internet
Draft specifies (which is what we implement).  

If the TLS WG does change the definition, then our product will have an 
implementation that does not conform to the then-current definition.  In 
that event, all users of our implementation of the AES ciphersuites would 
need to disable those ciphersuites to avoid interoperability problems with 
servers that implement the new definition.  Users who enabled those AES
ciphersuites themselves, manually, will presumably be able to disable them
without a lot of hand holding.  But if we enable those ciphersuites by 
default, then users will have to disable who have never before enabled or
disabled any ciphersuite.  This will require lots of hand-holding, read
support costs.  

So, I believe that Netscape/Mozilla products should not enable the AES
ciphersuites by default until the AES ciphersuite definition is truly
final.
Summary: Add support for AES ciphers / enable by default → Add support for AES ciphers
I agree with Nelson's comments on the default setting for the AES ciphers. 
Until the AES ciphersuites are defined in an RFC (rather than a draft) we should
leave them off by default.

I see that kaie already changed the summary line to reflect this position, so we
all seem to be in agreement.
Keywords: nsbeta1+
Whiteboard: [adt1 rtm]
Target Milestone: --- → Future
Blocks: sslciphers
*** Bug 100698 has been marked as a duplicate of this bug. ***
In June 2002, the AES ciphersuite document became RFC 3268, a proposed 
standard.  http://www.rfc-editor.org/rfc/rfc3268.txt
I will review it to see if there were any last minute changes.
If not, then I believe NSS is already compliant with this RFC,
and in that case, we should now consider enabling the AES ciphersuites
by default in our products.
I believe NSS 3.4 - 3.6 are compliant with RFC 3268 for the subset of the 
defined AES ciphersuites that were implemented, namely

TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,

The DHE ciphersuite implementations are presently client-side only.
set for 2.4
Priority: -- → P1
Target Milestone: Future → 2.4
This will be done as part of bug 184940.


*** This bug has been marked as a duplicate of 184940 ***
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
No longer blocks: sslciphers
Verified dupe.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.