Bug 236507 (ecc)

Enable ECC ciphersuites by default in PSM

RESOLVED WORKSFORME

Status

enhancement
P2
normal
RESOLVED WORKSFORME
15 years ago
3 years ago

People

(Reporter: nelson, Assigned: kaie)

Tracking

1.0 Branch
All
Windows 2000
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

The following comments were extracted from bug 235773. 

Several comments about turning ECC on in mozilla by default.

1. Best to wait until the ECC-TLS drafts become an RFC.  

2. IINM, the implementation of ECC/TLS in NSS matches an older draft,
not draft 5 (current draft as of this writing). 

Draft 5 includes negotiation of ECC curves in TLS/SSL.  The earlier draft,
now implemented in NSS (and IINM in OpenSSL and elsewhere) did not feature
negotiation of ECC curves.  This meant that a client and a server that both
supported ECC ciphersuites (but disjoint sets of curves) and also both 
supported a common set of non-ECC ciphersuites could (and probably would)
negotiate an ECC ciphersuite and then fail to complete the handshake, 
rather than succesfully handshaking with a Non-ECC ciphersuite.  

For a browser user, that problem would be highly similar to the "TLS
intolerance" problem, which mozilla now works around by reconnecting and
rehandshaking with TLS disabled after a failed handshake with it enabled.  
This is known as "transparent recovery".  Before mozilla added that, users
found it necessary to disable TLS to connect to many secure web sites.
I think it's clear that we don't want users having to do that for ECC.
IMO, we also don't want mozilla to make more than 2 attempts to connect 
and handshake in order to succesfully conclude one handshake, as it might 
if it had to try once with ECC, once with TLS but not ECC, and finally 
perhaps a third time with only SSL3 and not ECC.  

Internet Draft 5 of ECC/TLS provides ECC curve negotiation which will 
solve this problem, but only if/when SSL/TLS handshakes stop using SSL2
compatible client hellos.  IOW, SSL2 must die before ECC/TLS becomes
viable (IMO).  And curve negotiation is not yet implemented in NSS, IINM.

So, I think we've got a ways further to go before we're ready to enable
ECC/TLS by default.  But I do hope we'll get there before too long.
And adding UI to enable/disable ECC/TLS is a good step in the meantime.
(Assignee)

Comment 1

14 years ago
You are requesting that we could start with a simple first step, adding UI for
the new SSL mode, adding a pref to store the selection, and by using the new
pref, like we currently do for the SSL v2 / v3 /TLS prefs.

That should be straightforward and easy to do.
(Assignee)

Comment 2

14 years ago
Mozilla/PSM uses the following calls to enable SSL v2/v3/TLS:
      PRBool enabled;
      mPrefBranch->GetBoolPref("security.enable_ssl2", &enabled);
      SSL_OptionSetDefault(SSL_ENABLE_SSL2, enabled);
      mPrefBranch->GetBoolPref("security.enable_ssl3", &enabled);
      SSL_OptionSetDefault(SSL_ENABLE_SSL3, enabled);
      mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
      SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);

However, I can't find other constants in NSS that would enable something like ECC.

Nelson, please advise how to instruct NSS to do what you suggest.
Priority: -- → P2

Comment 3

14 years ago
Hello Kai,

  If you look at the patch for Bug 235773, it already does this. 
In particular, it adds check boxes for ECC ciphersuites in
Mozilla preferences Privacy & Privacy->SSL->Edit Ciphers
->Extra SSL3/TLS ciphers. Let me know if that's not
what you are looking for.

vipul

(In reply to comment #2)
> Mozilla/PSM uses the following calls to enable SSL v2/v3/TLS:
>       PRBool enabled;
>       mPrefBranch->GetBoolPref("security.enable_ssl2", &enabled);
>       SSL_OptionSetDefault(SSL_ENABLE_SSL2, enabled);
>       mPrefBranch->GetBoolPref("security.enable_ssl3", &enabled);
>       SSL_OptionSetDefault(SSL_ENABLE_SSL3, enabled);
>       mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
>       SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
> 
> However, I can't find other constants in NSS that would enable something like ECC.
> 
> Nelson, please advise how to instruct NSS to do what you suggest.
> 
(In reply to comment #3), Vipul wrote:
>   If you look at the patch for Bug 235773, it already does this. 

*The* patch?  There are 6 patches attached to that bug.  

Comment 5

14 years ago
I should have been more explicit. For Mozilla, attachment 147067 [details] [diff] [review]
is what I meant (for Firefox, the equivalent patch is in attchment
163877).

thanks,

vipul

(In reply to comment #4)
> (In reply to comment #3), Vipul wrote:
> >   If you look at the patch for Bug 235773, it already does this. 
> 
> *The* patch?  There are 6 patches attached to that bug.  
> 
> 

Updated

14 years ago
Component: Security: UI → Security: UI
Product: PSM → Core
(Assignee)

Comment 6

14 years ago
Making dependent on bug 235773.
Before (or at the same time) we enable them by default, the UI allowing to
disable must be in place.
Depends on: eccui
(Assignee)

Updated

13 years ago
Depends on: 326159
(Assignee)

Updated

13 years ago
Alias: ecc
(Assignee)

Comment 7

13 years ago
Because of the availability of about:config
we can disregard my comment 5.
(Assignee)

Comment 8

13 years ago
Happened for SSL/TLS as part of other checkins.
WORKSFORME
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → WORKSFORME

Updated

11 years ago
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.