Closed Bug 1891113 Opened 1 year ago Closed 1 year ago

FxA and sync servers get a "B" on SSLlabs tests

Categories

(Firefox :: Sync, defect, P3)

Product:
Firefox
Component:
Sync
Type:
defect

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: ddurst, Unassigned)

References

Details

(Whiteboard: [fxa-waffle-ignore])

The core servers for the FxA connected experience all get a "B" rating from SSLLabs, e.g:

https://www.ssllabs.com/ssltest/analyze.html?d=accounts.firefox.com
https://www.ssllabs.com/ssltest/analyze.html?d=token.services.mozilla.com

The reason it gives is that:

"This server supports weak Diffie-Hellman (DH) key exchange parameters.
Grade capped to B."

Sadly I don't think we can do anything about that yet, but I wanted a bug on file to track it (and to point at when this topic comes up again).

The reasoning behind the current situation is that we have certain clients (e.g. old android devices, partner devices like Bug 1186900) that do not support the "modern" TLS configuration recommended in [1]. Instead we must use the "intermediate" configuration [2] which includes DH ciphers.

These ciphers are fine if you use secure DH parameters. But the TLS support for FxA and Sync is provided by Amazon's Elastic Load Balancers, which don't let you customize the DH parameters.

So I think we're stuck on a "B" grade until all our clients grow more modern TLS support, or Amazon gives us better tools to customize TLS on the ELBs.

[1] https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
[2] https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29

I had hoped we would retain the history from the original bug 1219547, especially https://bugzilla.mozilla.org/show_bug.cgi?id=1219547#c9, for when we are done with browser ID support.

Priority: -- → P3

As a bit of summary / outline of work:

Older versions of Firefox which used BrowserID did not have support for TLSv3 and therefore required that we keep the older, less secure DH key exchange protocols.
Since we've officially dropped all support for BrowserID, we should take this opportunity to remove the TLSv2 protocol support from the FxA and Sync/Tokenserver load handlers. (I believe that we have an explicit exception carved out of the various load balancers to handle this exact case, so removing that exception should be fairly easy for SRE.)

As I understand, the work should include

The severity field is not set for this bug.
:markh, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(markh)
Severity: -- → S3
Flags: needinfo?(markh)

Looks like we're using the "GCP Default" SSL policy for tokenserver and sync (which is the default if nothing is specified). We should be able to switch that to mozilla-intermediate which sets minimum TLS version to 1.2 and disables some ciphers (see here: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29)

I'm fine switching it.
Any concerns?

Flags: needinfo?(pjenvey)
Flags: needinfo?(jrconlin)
Flags: needinfo?(ddurst)

No concerns. The only reason we were using the old policy (IIRC) was so that older browser that did not implement TLS 1.3, and which still used BrowserID as their default, could connect.

That is no longer an issue.

Please switch to the Mozilla-Intermediate policy at your convenience.

Flags: needinfo?(jrconlin)
Flags: needinfo?(ddurst)

This has been done for tokenserver and sync.
https://www.ssllabs.com/ssltest/analyze.html?d=token.services.mozilla.com now shows "A"

Flags: needinfo?(pjenvey)

Because they both show A, I'm going to resolve this bug.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.