#385 closed change (fixed)

Re-enable SSLv3 on the servers

Reported by:	trev	Assignee:	trev
Priority:	P2	Milestone:
Module:	Infrastructure	Keywords:
Cc:		Blocked By:
Blocking:		Platform:
Ready:	yes	Confidential:	no
Tester:		Verified working:	no
Review URL(s):	http://codereview.adblockplus.org/6247625674194944

Description (last modified by trev)

Background

Some users have been complaining about connectivity issues (https://adblockplus.org/forum/viewtopic.php?f=16&t=18804 in particular) - turns out IE 6.0 supports TLS 1.0 but has it turned off by default. SSLv3 would work out of the box but we have it turned off because SSL Labs recommends against it.

What to change

In order to support IE 6.0 we have to enable SSLv3. We will also need to check the cyphers we support, according to https://www.ssllabs.com/ssltest/analyze.html?d=downloads.adblockplus.org IE6 doesn't support any of the cyphers we allow (TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is the one that is considered secure according to SSL Labs and supports forward secrecy - currently disabled along with all other DES-based cyphers).

Change History (5)

comment:1 Changed on 04/26/2014 at 07:09:55 AM by trev

Description modified (diff)

comment:2 Changed on 04/26/2014 at 10:02:24 PM by trev

Currently we use the following ciphers list: EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA256 EECDH+aRSA+RC4 EDH+aRSA EECDH RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS (modified from this Qualys recommendation I think). The resulting ciphers are:

ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-RC4-SHA
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-RSA-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-RC4-SHA
ECDH-RSA-RC4-SHA
ECDH-ECDSA-RC4-SHA
RC4-SHA

Given that we no longer want to support RC4 (see #299) we probably want this cipher list: EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4 +3DES DES-CBC3-SHA. This removes all RC4-based ciphers and adds 3DES-based ciphers instead - at the end of the list, as last resort:

ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-RSA-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
EDH-RSA-DES-CBC3-SHA
DES-CBC3-SHA

Note that DES-CBC3-SHA means TLS_RSA_WITH_3DES_EDE_CBC_SHA which is supported by Internet Explorer 6 (I decided to go with this one - it should be better than supporting a DSS-based cipher).

I tested this configuration on a private server and got A+ on SSL Labs - all supported ciphers are considered secure (protocol support rating went down from 95 to 90 but that's expected). According to them, IE 6 and YandexBot can also connect now. Forward Secrecy is used by all clients with the exception of Internet Explorer on Windows XP and YandexBot - these are the only clients without support for Forward Secrecy.

Last edited on 04/26/2014 at 10:14:52 PM by trev

comment:3 Changed on 04/26/2014 at 10:06:12 PM by trev

Owner set to trev
Status changed from new to assigned

comment:4 Changed on 04/26/2014 at 10:06:21 PM by trev

Review URL(s) modified (diff)
Status changed from assigned to reviewing

comment:5 Changed on 04/28/2014 at 10:36:54 AM by trev

Resolution set to fixed
Status changed from reviewing to closed

Fixed: https://hg.adblockplus.org/infrastructure/rev/3ab5c5bef729

Context Navigation

#385 closed change (fixed)

Re-enable SSLv3 on the servers

Description (last modified by trev)

Background

What to change

Attachments (0)

Change History (5)

comment:1 Changed on 04/26/2014 at 07:09:55 AM by trev

comment:2 Changed on 04/26/2014 at 10:02:24 PM by trev

comment:3 Changed on 04/26/2014 at 10:06:12 PM by trev

comment:4 Changed on 04/26/2014 at 10:06:21 PM by trev

comment:5 Changed on 04/28/2014 at 10:36:54 AM by trev

Add Comment

Modify Ticket

Changed by kzar

Download in other formats:

Summary:
Description:	You may use WikiFormatting here. === Background === Some users have been complaining about connectivity issues (https://adblockplus.org/forum/viewtopic.php?f=16&t=18804 in particular) - turns out IE 6.0 supports TLS 1.0 but has it turned off by default. SSLv3 would work out of the box but we have it turned off because SSL Labs recommends against it. === What to change === In order to support IE 6.0 we have to enable SSLv3. We will also need to check the cyphers we support, according to https://www.ssllabs.com/ssltest/analyze.html?d=downloads.adblockplus.org IE6 doesn't support any of the cyphers we allow (`TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA` is the one that is considered secure according to SSL Labs and supports forward secrecy - currently disabled along with all other DES-based cyphers).
Type:		Priority:
Milestone:		Module:
Keywords:		Cc:
Blocked By:		Blocking:
Platform:		Ready:
Confidential:		Tester:
Verified working:
Review URL(s):	http://codereview.adblockplus.org/6247625674194944