
Cloudflare You Get TLS 1.3 - out of beta

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, May 17, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    35,522
    7,833
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,074
    Local Time:
    8:57 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Cloudflare's latest blog article regarding the TLS 1.3 feature coming out of beta: You get TLS 1.3! You get TLS 1.3! Everyone gets TLS 1.3!

    @bassie @Revenge interesting that Cloudflare can speak and support several TLS 1.3 drafts, it seems! (only TLS 1.3 draft 23 and draft 28)

    From How do I enable TLS 1.3?

     
    • Like x 1
  2. eva2000

    Looks like maybe Cloudflare TLS 1.3 only speaks TLS 1.3 draft 23 and draft 28 and not in between?

    Testing this forum, which is behind Cloudflare with TLS 1.3 enabled, and connecting with the OpenSSL 1.1.1-pre6 binary, which uses TLS 1.3 draft 26 IIRC, shows the connection to Cloudflare is established over TLS 1.2 and not TLS 1.3.

    Code (Text):
    /opt/openssl/bin/openssl version -a
    OpenSSL 1.1.1-pre6 (beta) 1 May 2018
    built on: Wed May 16 09:17:07 2018 UTC
    platform: linux-x86_64
    options:  bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
    compiler: ccache gcc -fPIC -pthread -m64  -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
    OPENSSLDIR: "/opt/openssl"
    ENGINESDIR: "/opt/openssl/lib/engines-1.1"
    Seeding source: os-specific
    

    Code (Text):
    echo -n | /opt/openssl/bin/openssl s_client -connect community.centminmod.com:443 -CAfile /etc/ssl/certs/cacert.pem| sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/d' | sed '/Session-ID: /,/Verify return code/d'
    depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
    verify return:1
    depth=1 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
    verify return:1
    depth=0 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
    verify return:1
    DONE
    CONNECTED(00000003)
    ---
    Certificate chain
     0 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
       i:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
     1 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
       i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
    ---
    Server certificate
    subject=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
    
    issuer=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
    

    Code (Text):
    ---
    No client certificate CA names sent
    Peer signing digest: SHA256
    Peer signature type: ECDSA
    Server Temp Key: X25519, 253 bits
    ---
    SSL handshake has read 2634 bytes and written 312 bytes
    Verification: OK
    ---
    New, TLSv1.2, Cipher is ECDHE-ECDSA-CHACHA20-POLY1305
    Server public key is 256 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : ECDHE-ECDSA-CHACHA20-POLY1305
        Extended master secret: yes
    
     
  3. eva2000

    Now testing the older OpenSSL 1.1.1-pre2 client, which uses TLS 1.3 draft 23, to connect:
    Code (Text):
    /opt/openssl/bin/openssl version -a
    OpenSSL 1.1.1-pre2 (alpha) 27 Feb 2018
    built on: Thu Apr 26 19:14:23 2018 UTC
    platform: linux-x86_64
    compiler: ccache gcc -Wall -O3 -pthread -m64 -Wa,--noexecstack -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DL_ENDIAN
    OPENSSLDIR: "/opt/openssl"
    ENGINESDIR: "/opt/openssl/lib/engines-1.1"
    Seeding source: os-specific
    

    shows a TLS 1.3 connection is established, so Cloudflare only speaks TLS 1.3 draft 23 and draft 28. If your client, web browser, etc. only supports TLS 1.3 drafts other than 23 or 28, you won't connect to Cloudflare with TLS 1.3 and will use TLS 1.2 instead.
    Code (Text):
    echo -n | /opt/openssl/bin/openssl s_client -connect community.centminmod.com:443 -CAfile /etc/ssl/certs/cacert.pem| sed '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/d' | sed '/Session-ID: /,/Verify return code/d'
    depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
    verify return:1
    depth=1 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
    verify return:1
    depth=0 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
    verify return:1
    DONE
    CONNECTED(00000003)
    ---
    Certificate chain
     0 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
       i:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
     1 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
       i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
    ---
    Server certificate
    subject=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = centminmod.com
    
    issuer=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
    

    Code (Text):
    ---
    No client certificate CA names sent
    Peer signing digest: SHA256
    Peer signature type: ECDSA
    Server Temp Key: X25519, 253 bits
    ---
    SSL handshake has read 2545 bytes and written 402 bytes
    Verification: OK
    ---
    New, TLSv1.3, Cipher is TLS13-AES-256-GCM-SHA384
    Server public key is 256 bit
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    SSL-Session:
        Protocol  : TLSv1.3
        Cipher    : TLS13-AES-256-GCM-SHA384
        Extended master secret: no
    
     
  4. bassie

    bassie Active Member

    893
    209
    43
    Apr 29, 2016
    Ratings:
    +628
    Local Time:
    12:57 AM
    Yup and the reason is simple.
    Chrome final is currently on TLS 1.3 draft 23. Firefox is on TLS 1.3 draft 23.

    Edge is on absolutely nothing.
    Safari is on absolutely nothing, although there has been a test with TLS 1.3 draft 18.

    As TLS 1.3 draft 28 is the one.
    Supporting both draft 23 and draft 28 will catch all TLS 1.3 fish now and in the near future.
    No need to support in between.
     
    • Agree x 1
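
Added example (not part of the thread, and not Cloudflare or OpenSSL code): a Python model of the `supported_versions` matching that explains the two `s_client` results above. Draft n is advertised as code point `0x7f00 | n`; the server preference list `EDGE` and the client offers `PRE2` and `PRE6` are constructed from what the posts report.

```python
import struct

TLS12, TLS13_FINAL = 0x0303, 0x0304

def draft(n):
    """Code point a TLS 1.3 draft-n stack puts in supported_versions."""
    return 0x7F00 | n

def name(v):
    """Human-readable name for a 16-bit TLS version code point."""
    if v >> 8 == 0x7F:
        return f"TLS 1.3 draft {v & 0xFF}"
    known = {0x0304: "TLS 1.3", 0x0303: "TLS 1.2", 0x0302: "TLS 1.1", 0x0301: "TLS 1.0"}
    return known.get(v, hex(v))

def encode_supported_versions(versions):
    """ClientHello form of the extension body: 1-byte length, then 2-byte versions."""
    body = b"".join(struct.pack("!H", v) for v in versions)
    return struct.pack("!B", len(body)) + body

def parse_supported_versions(data):
    """Decode the extension body, rejecting truncated or odd-length lists."""
    if not data or data[0] != len(data) - 1 or data[0] % 2:
        raise ValueError("malformed supported_versions body")
    return [struct.unpack_from("!H", data, i)[0] for i in range(1, len(data), 2)]

def negotiate(client_ext, server_prefs):
    """Return the first server-preferred version the client also offered, else None."""
    offered = set(parse_supported_versions(client_ext))
    return next((v for v in server_prefs if v in offered), None)

# Assumed edge configuration, taken from the thread: drafts 28 and 23, then TLS 1.2.
EDGE = [draft(28), draft(23), TLS12]
# Constructed client offers: each pre-release advertises a single draft plus TLS 1.2.
PRE2 = encode_supported_versions([draft(23), TLS12])  # OpenSSL 1.1.1-pre2
PRE6 = encode_supported_versions([draft(26), TLS12])  # OpenSSL 1.1.1-pre6

if __name__ == "__main__":
    for label, ext in (("1.1.1-pre2", PRE2), ("1.1.1-pre6", PRE6)):
        print(label, "->", name(negotiate(ext, EDGE)))
```

A draft 26 client shares no TLS 1.3 code point with the server, so the only common entry is TLS 1.2, which matches the pre6 output.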
  5. eva2000

    Yeah just a matter of clients getting the right TLS 1.3 draft support.

    For TLS 1.3 noobs



    Next video is specific to F5 Big IP appliance servers - you can think of that as Nginx web server for our purposes



    And TLS 1.3 and Perfect Forward Secrecy

     
    • Like x 1
  6. eva2000

    @bassie A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)

     
  7. bassie

    • Like x 1
  8. eva2000

    OpenSSL 1.1.1 roadmap [openssl-users] TLS 1.3 and the release
    and [openssl-users] [openssl-project] TLS 1.3 and the release
    Looks like, from the PR, OpenSSL 1.1.1 plans to remove TLS 1.3 drafts 26, 27, 28, so web browsers would need to update to TLS 1.3 final for OpenSSL 1.1.1 to work.
     
  9. bassie

    Don't worry ;).
    Draft 28 is the one.

    They will only remove the old drafts and the selection mechanism to switch between drafts. If your web-browser supports Draft 28 you are good to go.
     
    • Informative x 1
  10. eva2000

    Yeah It's official: TLS 1.3 approved as standard while spies weep

    To 0-RTT or not?
     