Closed
Bug 797258
Opened 13 years ago
Closed 10 years ago
Stop supporting SHA-1 in WebRTC?
Categories
(Core :: WebRTC: Networking, defect)
Tracking
()
RESOLVED
WONTFIX
| backlog | parking-lot |
People
(Reporter: ekr, Assigned: ekr)
Details
Attachments
(2 files)
|
4.71 KB,
patch
|
ekr
:
feedback+
briansmith
:
feedback+
|
Details | Diff | Splinter Review |
|
2.02 KB,
patch
|
jesup
:
feedback+
briansmith
:
feedback+
|
Details | Diff | Splinter Review |
In https://bugzilla.mozilla.org/page.cgi?id=splinter.html&bug=790517&attachment=660321 Bsmith requested we stop supporting SHA-1 for verification.
I don't agree with this, but it needs to be resolved.
|
||
Updated•13 years ago
|
Whiteboard: [WebRTC], [blocking-webrtc+]
|
||
Comment 1•13 years ago
|
||
|
|
||
Updated•13 years ago
|
Attachment #668623 -
Flags: feedback?(ekr)
|
Assignee | |
Comment 2•13 years ago
|
||
Comment on attachment 668623 [details] [diff] [review]
Use SHA-256 instead of SHA-1 in signaling code
Review of attachment 668623 [details] [diff] [review]:
-----------------------------------------------------------------
lgtm
Attachment #668623 -
Flags: feedback?(ekr) → feedback+
|
|
||
Comment 3•13 years ago
|
||
Comment on attachment 668623 [details] [diff] [review]
Use SHA-256 instead of SHA-1 in signaling code
Pushed to Alder - https://hg.mozilla.org/projects/alder/rev/5371d2b66b09
|
|
||
Comment 4•13 years ago
|
||
|
|
||
Comment 5•13 years ago
|
||
Comment on attachment 668705 [details] [diff] [review]
Increase max sdp line length to work with longer SHA-256 fingerprints.
The increased length of SHA-256 was going over the old SDP line limits. Small patch to get PC connecting again with SHA-256
Attachment #668705 -
Flags: feedback?(rjesup)
|
||
Comment 6•13 years ago
|
||
Comment on attachment 668705 [details] [diff] [review]
Increase max sdp line length to work with longer SHA-256 fingerprints.
Review of attachment 668705 [details] [diff] [review]:
-----------------------------------------------------------------
r+, but this reminds me that all these maximum-possible-size buffers are a waste of ram and still get overrun as we add stuff.
Attachment #668705 -
Flags: feedback?(rjesup) → feedback+
|
|
||
Comment 7•13 years ago
|
||
Comment on attachment 668705 [details] [diff] [review]
Increase max sdp line length to work with longer SHA-256 fingerprints.
Pushed to Alder - http://hg.mozilla.org/projects/alder/rev/38146b56dbdd
|
|
||
Comment 8•13 years ago
|
||
Brian - can you comment on the necessity of this (and ekr, can you respond?) Are there any issues relating to Chrome interop? Should we ask them to change ASAP, and is it possible?
Assignee: nobody → ekr
Flags: needinfo?(bsmith)
|
||
Comment 9•12 years ago
|
||
Comment on attachment 668623 [details] [diff] [review]
Use SHA-256 instead of SHA-1 in signaling code
Review of attachment 668623 [details] [diff] [review]:
-----------------------------------------------------------------
I think that this is a good thing to do to avoid interop problems later. We should be minimizing the use of SHA1 by not adding any new uses. Especially since we already have a patch for this, we might as well land it.
AFAICT, it is definitely important that every implementation accept SHA256/SHA384 hashes, so if Chrome or Firefox is not accepting SHA256/SHA384 hashes from the other side, then that is an important interop issue that should be resolved.
Note that I didn't spend any time thinking about the application-specific cryptographic properties needed here. In 2013 it avoiding SHA1 is the default, and any new use of SHA1 should come with a strong argument for why a SHA-2 hash can't be used. If there is such a strong argument then we should reconsider.
Consequently, I am nominating this to block bug 796463 again and setting the r?ekr.
Attachment #668623 -
Flags: review?(ekr)
Attachment #668623 -
Flags: feedback+
Flags: needinfo?(bsmith)
|
|
||
Updated•12 years ago
|
Attachment #668705 -
Flags: review?(ekr)
Attachment #668705 -
Flags: feedback+
|
|
Assignee | |
Comment 10•12 years ago
|
||
Comment on attachment 668705 [details] [diff] [review]
Increase max sdp line length to work with longer SHA-256 fingerprints.
Why are we changing candidate length? This applies to fingerprints....
|
|
Assignee | |
Comment 11•12 years ago
|
||
I knew there was something confusing here. These patches landed in alder 10/5
and were migrated to m-c.
Hence we already are emitting sha-256 digests.
The original bug was that we shouldn't accept sha-1. I don't agree with that.
|
|
Assignee | |
Comment 12•12 years ago
|
||
bsmith,
We talked this over at the workweek and came to the conclusion that this needed to be a WG decision.
If you want to pursue this, can you post something to rtcweb@ietf.org to start the discussion?
|
|
||
Comment 13•12 years ago
|
||
(In reply to Eric Rescorla (:ekr) from comment #12)
> We talked this over at the workweek and came to the conclusion that this
> needed to be a WG decision.
Just to clarify, I don't object much to supporting verification with SHA-1 but I think we should always *send* SHA-256. AFAICT, All the places that allow us to use SHA-1 also allow us to use SHA-256. I don't think that policy requires any working group effort.
If the spec already requires SHA-1 support to verification then I think it is useful to know WHY it requires SHA-1 support. That is something I cannot answer and it would be better to have somebody who is familiar with the decision making explain the need for SHA-1 support.
|
|
Assignee | |
Comment 14•12 years ago
|
||
I believe we already send SHA-256.
The spec doesn't require anything, but when it was written it defined digests as far
back as like MD5 (and I think maybe MD2). But to the extent to which there are
deployed stacks (Cisco) they presumably use SHA-1.
Do you object to closing this, then?
|
||
Comment 15•12 years ago
|
||
Ekr, bsmith -- Given the discussions above, I'm removing this from the blocker list for WebRTC. If you object, please let me know. Thanks.
No longer blocks: 796463
Whiteboard: [WebRTC], [blocking-webrtc+] → [WebRTC], [blocking-webrtc-]
|
|
||
Comment 16•12 years ago
|
||
My understanding, based on talking with Eric, is that we can't stop accepting SHA-1 because some other devices send SHA-1. However, my understanding of that conversation was that we were already supposed to be sending SHA-256 and that we were already able to accept SHA-256. But, the patches in this bug make me think that we don't send SHA-256 and we can't accept SHA-256. Am I misunderstanding them?
|
|
Assignee | |
Comment 17•12 years ago
|
||
These patches already landed.
We currently send SHA-256 but accept SHA-1 and SHA-256.
|
|
Assignee | |
Comment 18•11 years ago
|
||
Comment on attachment 668623 [details] [diff] [review]
Use SHA-256 instead of SHA-1 in signaling code
Review of attachment 668623 [details] [diff] [review]:
-----------------------------------------------------------------
OBE
Attachment #668623 -
Flags: review?(ekr)
|
|
Assignee | |
Comment 19•11 years ago
|
||
Comment on attachment 668705 [details] [diff] [review]
Increase max sdp line length to work with longer SHA-256 fingerprints.
Review of attachment 668705 [details] [diff] [review]:
-----------------------------------------------------------------
OBE
Attachment #668705 -
Flags: review?(ekr)
|
|
||
Comment 20•10 years ago
|
||
Ekr - can we close this?
backlog: --- → parking-lot
Flags: needinfo?(ekr)
QA Contact: jsmith
Whiteboard: [WebRTC], [blocking-webrtc-]
|
|
Assignee | |
Comment 21•10 years ago
|
||
Yes.
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(ekr)
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•