Security Changes coming to TLS (TLS v1.3)

eva2000 · Apr 6, 2017

RedHat's two part look into upcoming TLS changes for TLS v1.3 including performance improving features of TLS 1.3, namely 1-RTT handshakes and 0-RTT session resumption and improved security and privacy.

Changes coming to TLS: Part One - Red Hat Customer Portal

Changes coming to TLS: Part Two - Red Hat Customer Portal

Transport layer Security version 1.3 (TLS 1.3) is the latest version of the SSL/TLS protocol which is currently under development by the IETF. It offers several security and performance improvements as compared to the previous versions. While there are several technical resouces which discuss the finer aspects of this new protocol, this two-part article is a quick reference to new features and major changes in the TLS protocol.
Click to expand...

eva2000 · Apr 7, 2017

Centmin Mod 123.09beta01's Nginx + OpenSSL 1.1 + TLS v1.3 progress

nginx -V
nginx version: nginx/1.11.13
built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
built with OpenSSL 1.1.1-dev xx XXX xxxx
TLS SNI support enabled
configure arguments: --with-ld-opt='-ljemalloc -Wl,-z,relro -Wl,-rpath,/usr/local/lib' --with-cc-opt='-m64 -mtune=native -mfpmath=sse -g -O3 -fstack-protector -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wno-sign-compare -Wno-string-plus-int -Wno-deprecated-declarations -Wno-unused-parameter -Wno-unused-const-variable -Wno-conditional-uninitialized -Wno-mismatched-tags -Wno-sometimes-uninitialized -Wno-parentheses-equality -Wno-tautological-compare -Wno-self-assign -Wno-deprecated-register -Wno-deprecated -Wno-invalid-source-encoding -Wno-pointer-sign -Wno-parentheses -Wno-enum-conversion -Wno-c++11-compat-deprecated-writable-strings -Wno-write-strings -gsplit-dwarf' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-http_stub_status_module --with-http_secure_link_module --add-module=../nginx-module-vts --with-libatomic --with-http_gzip_static_module --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream=dynamic --with-stream_ssl_module --add-dynamic-module=../ngx-fancyindex-0.4.0 --add-module=../ngx_cache_purge-2.3 --add-module=../ngx_devel_kit-0.3.0 --add-module=../set-misc-nginx-module-0.31 --add-module=../echo-nginx-module-0.60 --add-module=../redis2-nginx-module-0.13 --add-module=../ngx_http_redis-0.3.7 --add-module=../memc-nginx-module-0.17 --add-module=../srcache-nginx-module-0.31 --add-module=../headers-more-nginx-module-0.32 --with-pcre=../pcre-8.40 --with-pcre-jit --with-zlib=../zlib-1.2.11 --with-http_ssl_module --with-http_v2_module --with-openssl=../openssl-tls1.3 --with-openssl-opt=enable-tls1_3
Click to expand...

Not quite there yet as Nginx has yet to add identification for TLS v1.3
Code (Text):
./cipherscan https://domain.com
.......
Target: domain.com:443

prio  ciphersuite                  protocols              pubkey_size  signature_algoritm       trusted  ticket_hint  ocsp_staple  npn          pfs                 curves  curves_ordering
1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server
2     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server
3     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server
4     ECDHE-RSA-AES128-SHA256      TLSv1.2                2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server
5     ECDHE-RSA-AES256-SHA384      TLSv1.2                2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server
6     ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     3600         True         h2,http/1.1  ECDH,P-256,256bits  server

OCSP stapling: supported
Cipher ordering: server
Curves ordering: unknown - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE

TLS Tolerance: no
Fallbacks required:
big-SSLv3 no fallback req, connected: TLSv1.3 TLS13-AES-128-GCM-SHA256
big-TLSv1.0 no fallback req, connected: TLSv1 ECDHE-RSA-AES128-SHA
big-TLSv1.1 no fallback req, connected: TLSv1.1 ECDHE-RSA-AES128-SHA
big-TLSv1.2 no fallback req, connected: TLSv1.3 TLS13-AES-128-GCM-SHA256

Intolerance to:
 SSL 3.254           : absent
 TLS 1.0             : absent
 TLS 1.1             : absent
 TLS 1.2             : absent
 TLS 1.3             : absent
 TLS 1.4             : absent
Test against OpenSSL 1.1 dev TLS v1.3 enabled binary works
Code (Text):
echo -n | openssl s_client -connect domain.com:443 -CAfile /etc/ssl/certs/cacert.pem| sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/d' | sed '/Session-ID: /,/Verify return code/d'
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = domain.com
verify return:1
DONE
CONNECTED(00000003)
---
Certificate chain
 0 s:/CN=domain.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
subject=/CN=domain.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
---
SSL handshake has read 3019 bytes and written 491 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS13-AES-128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS13-AES-128-GCM-SHA256
    Extended master secret: no
---
read R BLOCK
take note
Code (Text):
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS13-AES-128-GCM-SHA256

ahmed · Oct 27, 2017

hello any progress on TLS 1.3?

this is mine

Code:

nginx version: nginx/1.13.6
built by gcc 6.3.1 20170216 (Red Hat 6.3.1-3) (GCC)
built with OpenSSL 1.1.0f  25 May 2017
TLS SNI support enabled
configure arguments: --with-ld-opt='-ljemalloc -Wl,-z,relro -Wl,-rpath,/usr/local/lib' --with-cc-opt='-m64 -march=native -DTCP_FASTOPEN=23 -g -O3 -Wno-error=strict-aliasing -fstack-protector-strong -flto -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wno-deprecated-declarations -gsplit-dwarf' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-compat --with-http_stub_status_module --with-http_secure_link_module --with-libatomic --with-http_gzip_static_module --add-dynamic-module=../ngx_brotli --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream=dynamic --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.4.2 --add-module=../ngx_devel_kit-0.3.0 --add-dynamic-module=../set-misc-nginx-module-0.31 --add-dynamic-module=../echo-nginx-module-0.61 --add-module=../redis2-nginx-module-0.14 --add-module=../ngx_http_redis-0.3.7 --add-module=../memc-nginx-module-0.18 --add-module=../srcache-nginx-module-0.31 --add-dynamic-module=../headers-more-nginx-module-0.32 --with-pcre=../pcre-8.41 --with-pcre-jit --with-zlib=../zlib-1.2.11 --with-http_ssl_module --with-http_v2_module --with-openssl=../openssl-1.1.0f --with-openssl-opt='enable-ec_nistp_64_gcc_128'
[ahmedalshaarawy@test-instance ~]$

eva2000 · Oct 27, 2017

none yet waiting on openssl official TLS v1.3 support

buik · Oct 28, 2017

I'm sorry to say but put it out of your mind for the short term.

Please don't expect TLS 1.3 in the very near future.
There are to much hardware problems with TLS 1.3 which need to be resolved first.

It is not advisable to use TLS 1.3 already, other than test sites.

Tests run by various companies, including Google, Mozilla, and Facebook, indicate that the "failure rate" of TLS 1.3 is too high - ranging from minimal to 3.4%, depending on who is doing the testing and how they are doing it. It appears that network hardware such as routers, gateways, load balancers and the like, are blocking TLS 1.3 packets because they don't recognize the protocol. They are doing "fail closed" and block the connections because they don't understand it, rather than assuming it's safe to forward.
Click to expand...

buik · Feb 3, 2018

I was reading a little bit of everything and then I found this.
About:
The Transport Layer Security (TLS) Protocol Version 1.3 (TLS 1.3)
draft-ietf-tls-tls13-23

This draft is targeted at “Proposed Standard” and it is completely
appropriate given the expected widescale deployment as well as
the fact that TLS 1.2 was “Proposed Standard”
Click to expand...

Hopefully it will come soon.
With TLS 1.3 and Nginx server push we can push the webserver speed even further.

buik · Feb 4, 2018

The TLS 1.3 start is there. It is slowly getting under way.
For example Chrome.

For M65, draft-23 of the protocol will be rolled out to Chrome users....
Click to expand...

Enabled by default in:

Chrome for desktop release 65

Chrome for Android release 65

Click to expand...

eva2000 · Feb 4, 2018

Ah progress is good

buik · Feb 4, 2018

eva2000 said: ↑

Ah progress is good
Click to expand...

Indeed, it seems that draft 23 is in fact the “Proposed Standard”.
Google and Chrome are conservative when it comes to entering something like this. And do not just carry it out. Google employees are part of the group that develops standards. So are perfectly informed.

It think that draft 18 was the near standard before draft 23.
Until they encountered problems with various network equipments.
And turned everything over again. Which of course had to be corrected first.
Draft 18 was everywhere: Chrome, Firefox, OpenSSL.

Anyway. I expect Firefox and OpenSSL to follow soon.
OpenSSL implemented TLS 1.3 draft 23, a few days ago in OpenSSL dev.

This draft is targeted at “Proposed Standard” and it is completely
appropriate given the expected widescale deployment as well as
the fact that TLS 1.2 was “Proposed Standard”
Click to expand...

buik · Feb 7, 2018

TLS 1.3 draft 23 added to Firefox dev: ⚙ D352 Bug 1427921 - Update to TLS 1.3 draft-23, r?ekr

eva2000 · Feb 7, 2018

Nice.. also see /policies/releasestrat.html

The next version of OpenSSL will be 1.1.1. This is currently in development and has a primary focus of implementing TLSv1.3. The RFC for TLSv1.3 has not yet been published by the IETF. OpenSSL 1.1.1 will not have its final release until that has happened.

The draft release timetable for 1.1.1 is as follows. This may be amended at any time as the need arises.

13th February 2018, alpha release 1 (pre1)

27th February 2018, alpha release 2 (pre2)

13th March 2018, beta release 1 (pre3)

OpenSSL_1_1_1-stable created (feature freeze)

master becomes basis for 1.1.2 or 1.2.0 (TBD)

27th March 2018, beta release 2 (pre4)

10th April 2018, beta release 3 (pre5)

24th April 2018, beta release 4 (pre6)

1st May 2018, release readiness check (new release cycles added if required, first possible final release date: 8th May 2018)

Click to expand...

buik · Feb 10, 2018

eva2000 said: ↑

The next version of OpenSSL will be 1.1.1. This is currently in development and has a primary focus of implementing TLSv1.3. The RFC for TLSv1.3 has not yet been published by the IETF. OpenSSL 1.1.1 will not have its final release until that has happened.
Click to expand...

TLS 1.3 final draft is around the corner.
As TLS 1.3 is enabled by default at the OpenSSL 1.1.1 dev branch.
Enable TLSv1.3 by default · openssl/openssl@f518cef · GitHub

eva2000 · Feb 10, 2018

Yup believe that what post 11 implies too

buik · Feb 17, 2018

TLSv1.3 draft 24 released. Its seems to be all about form factors.
Because this is a very small change. Let's hope it goes from draft to standard.

This commit adds support for TLSv1.3 draft 24. The only change between draft 23 and draft 24 is that draft 24 requires the version number of the record layer to be "0303" for a second ClientHello, whereas draft 23 allowed the version number for both the initial and second ClientHello to be "0301".
Click to expand...

eva2000 · Feb 17, 2018

Sweet.. nearly there !

buik · Feb 17, 2018

eva2000 said: ↑

Sweet.. nearly there !
Click to expand...

BAM! Lady's and gentlemen start your engine in 1....2...3............

The IESG has received a request from the Transport Layer Security WG (tls) to
consider the following document:

'The Transport Layer Security (TLS) Protocol Version 1.3'
<draft-ietf-tls-tls13-24.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf at ietf.org mailing lists by 2018-03-01. Exceptionally, comments may be
sent to iesg at ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.
Click to expand...

eva2000 · Feb 17, 2018

Great news - 2018 is a good year for web related technologies.

Just need more support for TLS 1.3 from web browsers Can I use... Support tables for HTML5, CSS3, etc etc. i.e. SSLLabs test site only supports TLS 1.3 draft 18

buik · Feb 20, 2018

OpenSSL 1.1.1dev master branch is upgraded to TLSv1.3 draft-24 - Proposed Standard

eva2000 · Feb 20, 2018

Nice.. though no browser can test that now as even Chrome Canary only supports TLS 1.3 draft 23

buik · Feb 20, 2018

eva2000 said: ↑

Nice.. though no browser can test that now as even Chrome Canary only supports TLS 1.3 draft 23
Click to expand...

True but as TLSv1.3 draft-24 is the proposed standard. It will go fast now.
As this is the starting point for devs to start with TLS 1.3, if they have not started yet. Second the difference between 23 and 24 is minimal. In short, that is only a form factor.

Log in / Register

Forums

Discover Centmin Mod today

Security Changes coming to TLS (TLS v1.3)

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

ahmed Active Member

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

.

Log in / Register

Useful Searches

Discover Centmin Mod today

Security Changes coming to TLS (TLS v1.3)

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

ahmed Active Member

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

.