Open Bug 665859 Opened 14 years ago Updated 4 months ago

Change default of security.ssl.treat_unsafe_negotiation_as_broken to true

Categories

(Core :: Security: PSM, defect, P5)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

People

(Reporter: KaiE, Unassigned)

References

(Depends on 2 open bugs, Blocks 2 open bugs)

Details

(Whiteboard: [psm-backlog])

Regarding CVE-2009-3555, I think the time has come to go one step further. Let's drop security indicators (identity button) if a site is unpatched. This is already implemented. This behaviour can be changed by flipping a preference. The identity button will indicate a plain page, and page info will indicate a page with mixed content. security.ssl.treat_unsafe_negotiation_as_broken currently defaults to false. I propose to change the default to true.
Blocks: 535649
What percentage (roughly) of SSL sites will this break the security indicators for? Gerv
(In reply to comment #1) > What percentage (roughly) of SSL sites will this break the security > indicators for? According to http://my.opera.com/securitygroup/blog/2011/05/19/renego-popular-unpatched-and-vulnerable-sites the overall percentage of unpatched servers is: 45 %
I think it is highly unlikely that we would make a change which removes the SSL indicators from Facebook, Amazon and Yahoo. I'm not sure how we can apply more pressure to get people to fix this, but breaking half the SSL web in our browser isn't it IMO. Gerv
(In reply to Kai Engert (:kaie) from comment #2) > According to > http://my.opera.com/securitygroup/blog/2011/05/19/renego-popular-unpatched- > and-vulnerable-sites the overall percentage of unpatched servers is: > > 45 % Is there any new/more recent Data avaiable as of now?
(In reply to XtC4UaLL [:xtc4uall] from comment #5) > Is there any new/more recent Data avaiable as of now? https://www.trustworthyinternet.org/ssl-pulse/ Renegotiation Support: Secure renegotiation 133,476 87.1% Insecure renegotiation 7,340 4.8% Both 2,059 1.3% No support 10,382 6.8% Survey is of top 200k SSL supporting sites.
(In reply to Dave Garrett from comment #6) > Survey is of top 200k SSL supporting sites. Well, that's what it says on the page anyway. It appears that survey is of a bit over 150k, based on those numbers.
I would like to continue here: Secure renegotiation 136,161 92.8% Insecure renegotiation 3,944 2.7% Both 1,454 1% No support 5,149 3.5% I'm using security.ssl.require_safe_negotiation now for a while and I don't have that much problems. I think it's a good time to change, since we also land other warnings for SHA-1, RC4, SSL3, DHE < 1024 etc.
Depends on: 1122695
Blocks: 1029832
Depends on: 883674
Component: Security: UI → Security: PSM
Whiteboard: [psm-backlog]
Depends on: 1305561
6 years now. It is time to stop pretending websites are secure by showing non-degraded security indicator. Flip security.ssl.treat_unsafe_negotiation_as_broken to true.
Depends on: 1353705
Blocks: 1353705
No longer depends on: 1353705
Priority: -- → P5
https://www.ssllabs.com/ssl-pulse/ indicates that this is still an issue of significant magnitude, at least in their survey. I think that we'd need a shield study for this.

https://www.ssllabs.com/ssl-pulse/ now says 0.3% (463 sites) have insecure negotiation and 0.1% (163 sites) have "both".
Is that significant, or is it similar to https://bugzilla.mozilla.org/show_bug.cgi?id=665859#c10 ?

Rather than a shield study (or perhaps as well), would it make sense for security.ssl.require_safe_negotiation==FALSE to show some sort of warning of problem sites ? At present there is little to alert site admins to this issue, unless someone happens to set this flag.

https://www.ssllabs.com/ssltest/analyze.html?d=un.org&s=157.150.185.49

https://www.ssllabs.com/ssl-pulse/

Monthly Scan: June 03, 2020
Total sites surveyed: 139,071
Secure renegotiation: 137,396 98.8%
Insecure renegotiation: 288 0.2%
Both: 110 0.1%
No support: 1,277 0.9%

https://www.ssllabs.com/ssl-pulse/ shows
Total sites surveyed 136,344
Renegotiation Support
Secure renegotiation 135,256 99.2%
Insecure renegotiation 65 < 0.1%
Both 44 < 0.1%
No support 979 0.7%

https://www.ssllabs.com/ssltest/analyze.html?d=un.org says that "There is no support for secure renegotiation" for un.org
Firefox 100 shows a padlock-warning, but viewing the technical details there are other issues with their encryption.

Is there a current site without secure renegotiation but no other encryption problems to show the current state of this bug ?

Severity: normal → S3

It's 2025. security.ssl.treat_unsafe_negotiation_as_broken should be set to true a long time ago.
It is different from security.ssl.require_safe_negotiation, which blocks connections and causes websites to break (often subresources)
Also, I would suggest implementing a warning in Inspect -> Console, so people are actually aware of this issue.

BTW, I'm surprised to find out, despite how low the stats seem to be, I have to keep security.ssl.require_safe_negotiation turned off because some obscure website breaks, especially non-English ones.

For example, https://www.51job.com/ is a fairly large job searching site in China, with security.ssl.require_safe_negotiation turned on, the website itself loads fine, but all the Javascript/CSS don't load because https://js.51jobcdn.com/ fails with SSL_ERROR_UNSAFE_NEGOTIATION error.

With security.ssl.treat_unsafe_negotiation_as_broken turned on, https://js.51jobcdn.com/in/js/2016/jquery.js works. But there's zero information/warning about "unsafe negotiation" in the console. All I get is a "weak encryption" icon in the network tab, and no further information about "unsafe negotiation".

bug 1958559

You need to log in before you can comment on or make changes to this bug.