Bug 917049
Opened 11 years ago
Closed 11 years ago
Remove the security.enable_tls_session_tickets pref
Categories: Core :: Security: PSM, defect
Status: RESOLVED FIXED
Target Milestone: mozilla27
People: Reporter: briansmith, Assigned: mjh563
Attachments (1 file, 1 obsolete file): patch, 4.50 KB, mjh563: review+
Description (Comment 0)
+++ This bug was initially created as a clone of Bug #917047 +++
There's no need for this pref any more. It was added way back when support for session tickets was a new thing in Firefox. We should remove it so that we always support session tickets.
Comment 2•11 years ago
Comment on attachment 816300 [details] [diff] [review]
patch
Review of attachment 816300 [details] [diff] [review]:
-----------------------------------------------------------------
Looks good to me.
Attachment #816300 -
Flags: review?(brian) → review+
Thanks. Updated the commit message to show r=keeler.
Attachment #816300 -
Attachment is obsolete: true
Attachment #820524 -
Flags: review+
Keywords: checkin-needed
Comment 4•11 years ago
Pushed this along with a bunch of other checkin-neededs to try:
https://tbpl.mozilla.org/?tree=Try&rev=503271ae46d1
Comment 5•11 years ago
Keywords: checkin-needed
Comment 6•11 years ago
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla27
Comment 7•11 years ago
Someone on IRC mentioned that this pref might still make sense for privacy reasons (also for the Tor people?):
<Hb> Bug 917049 killed the pref security.enable_tls_session_tickets. Now TLS session tickets can't be disabled any more. Servers can now track the SSL session. This is a privacy flaw, see https://browserprivacy.wordpress.com/2013/11/19/requiring-better-cryptography-in-firefox-and-thunderbird-breaks-update-functionality and http://almnet.de/privacy-handbuch/privacy-handbuch-html/handbuch_21m.htm
If there is a privacy implication by this, then I guess it would be worth keeping the pref so people who really care about it can turn it off. The Tor browser will do this as well I assume.
Flags: needinfo?(brian)
Reporter
Comment 8•11 years ago
(In reply to Christian Holler (:decoder) from comment #7)
> <Hb> Bug 917049 killed the pref security.enable_tls_session_tickets. Now TLS
> session tickets can't be disabled any more. Servers can now track the SSL
> session. This is a privacy flaw, see
> https://browserprivacy.wordpress.com/2013/11/19/requiring-better-
> cryptography-in-firefox-and-thunderbird-breaks-update-functionality and
> http://almnet.de/privacy-handbuch/privacy-handbuch-html/handbuch_21m.htm
>
> If there is a privacy implication by this, then I guess it would be worth
> keeping the pref so people who really care about it can turn it off. The Tor
> browser will do this as well I assume.
This is a misunderstanding. Even when session tickets were disabled, Firefox still supported session resumption using session IDs, and those session IDs enable(d) exactly the same kind of tracking. If some pref to disable session tracking is needed, then we can consider that in another (new) bug--one that describes the privacy model that is sought after.
Flags: needinfo?(brian)
Comment 9
TLS session tickets are described in RFC 5077 (1). Aside from the privacy issues, these tickets may weaken the key length and break Perfect Forward Secrecy. This was presented by Florent Daigniere (2) at Black Hat USA 2013. In a paper (3) he concludes:
> The security implications associated with using the default settings of OpenSSL
> can be summarized as follows:
> - 128 bit of security is all you get (at best), regardless of the cipher
> which has been negotiated
> - The Perfect Forward Secrecy interval is likely to be more than expected –
> the program’s lifetime in most cases (as opposed to hours like best practices
> would recommend)
As far as I have understood, this might be bad. I don't understand why this option is being taken away from Firefox.
(1) RFC 5077
http://www.ietf.org/rfc/rfc5077.txt
(2) Slides
https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf
(3) Paper
https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-WP.pdf
Flags: needinfo?(brian)
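To make two claims in this thread concrete, the point from comment 8 that session-ID resumption lets a server link connections exactly as tickets do, and the forward-secrecy point from the Daigniere paper quoted in comment 9 that a ticket exposes the session's master secret for as long as the ticket key lives, here is an added Python model that is not part of this bug, of Firefox, or of NSS. Everything in it is an assumption for illustration: the `Server` class, the `nonce || ciphertext || MAC` ticket layout, the HMAC-SHA256 keystream standing in for the AES-CBC + HMAC construction RFC 5077 recommends, and the per-session tag the server keeps next to the master secret. It speaks no TLS and opens no sockets.

```python
"""Toy model of TLS 1.2 session resumption (constructed example, not a TLS stack).

Two things the thread argues, made concrete:
  1. a session ID and a session ticket both hand the server a handle it can
     use to link later connections back to the same session;
  2. a ticket carries the session's master secret under a long-lived server
     key, so the forward-secrecy window is the ticket key's lifetime.
The ticket cipher is an HMAC-SHA256 keystream with encrypt-then-MAC, an
assumed stand-in for the AES-CBC + HMAC-SHA256 construction in RFC 5077.
"""
import hashlib
import hmac
import secrets
from collections import defaultdict

NONCE_LEN = 16
MAC_LEN = 32
MASTER_LEN = 48   # TLS master secret length
TAG_LEN = 16      # assumed per-session identifier stored alongside the secret


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream derived from HMAC-SHA256 (toy cipher, assumption)."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _subkeys(ticket_key: bytes):
    """Separate encryption and MAC keys derived from the server's ticket key."""
    enc = hmac.new(ticket_key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(ticket_key, b"mac", hashlib.sha256).digest()
    return enc, mac


def seal_ticket(ticket_key: bytes, state: bytes) -> bytes:
    """nonce || Enc(state) || HMAC(nonce || Enc(state)), as the server would issue it."""
    enc_key, mac_key = _subkeys(ticket_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(state, _keystream(enc_key, nonce, len(state))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal_ticket(ticket_key: bytes, ticket: bytes):
    """State inside the ticket, or None when the MAC fails (wrong or rotated key)."""
    enc_key, mac_key = _subkeys(ticket_key)
    nonce, ct, tag = ticket[:NONCE_LEN], ticket[NONCE_LEN:-MAC_LEN], ticket[-MAC_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Server:
    """Accepts full and abbreviated handshakes; logs which session each connection resumed."""

    def __init__(self, use_tickets: bool):
        self.use_tickets = use_tickets
        self.ticket_key = secrets.token_bytes(32)
        self.cache = {}                # session ID -> state, kept on the server
        self.seen = defaultdict(list)  # session tag -> connection numbers (the linkage)
        self.connections = 0

    def _accept(self, state: bytes) -> bytes:
        self.connections += 1
        self.seen[state[MASTER_LEN:]].append(self.connections)
        return state[:MASTER_LEN]

    def full_handshake(self):
        """Returns (master_secret, handle); the client presents the handle to resume."""
        state = secrets.token_bytes(MASTER_LEN) + secrets.token_bytes(TAG_LEN)
        master = self._accept(state)
        if self.use_tickets:
            handle = seal_ticket(self.ticket_key, state)   # state travels with the client
        else:
            handle = secrets.token_bytes(32)
            self.cache[handle] = state                     # state stays on the server
        return master, handle

    def resume(self, handle: bytes):
        """Abbreviated handshake; None means the client must do a full handshake."""
        if self.use_tickets:
            state = unseal_ticket(self.ticket_key, handle)
        else:
            state = self.cache.get(handle)
        return None if state is None else self._accept(state)

    def rotate_ticket_key(self):
        self.ticket_key = secrets.token_bytes(32)


def connections_linked(use_tickets: bool, resumptions: int = 3) -> int:
    """One full handshake plus `resumptions` resumes: how many connections got tied together."""
    server = Server(use_tickets)
    master, handle = server.full_handshake()
    for _ in range(resumptions):
        if server.resume(handle) != master:
            raise AssertionError("resumption must yield the same master secret")
    return max(len(conns) for conns in server.seen.values())


def master_recoverable_from_ticket(rotate_first: bool) -> bool:
    """Attacker captured a ticket and later obtains the ticket key: is the master secret exposed?"""
    server = Server(use_tickets=True)
    master, captured_ticket = server.full_handshake()
    if rotate_first:
        server.rotate_ticket_key()     # old key discarded: captured tickets become opaque
    state = unseal_ticket(server.ticket_key, captured_ticket)
    return state is not None and state[:MASTER_LEN] == master
```

`connections_linked(False)` and `connections_linked(True)` both come out at 4: the server ties the full handshake and the three resumptions to one session whether it looked the handle up in its cache or decrypted it, which is the point of comment 8. The `master_recoverable_from_ticket` pair shows the paper's forward-secrecy concern: the master secret inside a captured ticket is exposed to anyone holding the ticket key until that key is rotated. One caveat worth keeping in mind: in real TLS the handle (session ID or ticket) is sent in the clear in the ClientHello in both mechanisms, so a passive observer can also link the connections, without any cooperation from the server.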
Reporter
Comment 10•11 years ago
See bug 967977. We will implement a more general solution. I understand that some (maybe most) session ticket implementations need to be improved, but the same could be said for session-ID-based resumption mechanisms. We care about the privacy issues, but fixing 967977 is a better, more complete, way of addressing them.
Flags: needinfo?(brian)