Closed Bug 1789436 Opened 2 years ago Closed 1 year ago

Add Option for Randomizing TLS Client Hello Extension Order

Categories

(NSS :: Libraries, enhancement, P3)

Product:
NSS
Component:
Libraries
Version:
3.84
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: djackson, Assigned: lschwarz)

References

Details

Attachments

(2 files)

Bug 1789436 - CH extension permutation. r?djackson
48 bytes, text/x-phabricator-request
Details | Review
Bug 1789436: Fix build failure on Windows. r=beurdouche
48 bytes, text/x-phabricator-request
Details | Review

Chrome recently announced they would experiment with randomising the extension order in their TLS Client Hellos. This is permitted by the specification and would likely reduce ossification in the TLS ecosystem.

We should look at adding similar support to NSS and running a similar experiment.

Assignee: nobody → lschwarz
Status: NEW → ASSIGNED

https://hg.mozilla.org/projects/nss/rev/27164e3fc3a12bd2555aec1ff43dddd8cd355dd3

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
See Also: → 1816878

A patch has been attached on this bug, which was already closed. Filing a separate bug will ensure better tracking. If this was not by mistake and further action is needed, please alert the appropriate party. (Or: if the patch doesn't change behavior -- e.g. landing a test case, or fixing a typo -- then feel free to disregard this message)

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: