On Mon, 2018-02-26 at 10:26 -0600, mcatanzaro(a)gnome.org wrote:
On Mon, Feb 26, 2018 at 9:37 AM, Nikos Mavrogiannopoulos
<nmav(a)redhat.com> wrote:
> regarding the strong crypto change in Fedora28 [0], we have
> identified
> few (usually internal) sites which break under firefox or other
> tools.
> The main reason for this breakage is that these sites only support
> Diffie-Hellman with 1024-bit parameters which are considered too
> weak
> by this change.
Setting up a unified distro-wide crypto policy was a Good Thing, but
we
have to use it responsibly. Unfortunately, I don't think it's
practical
for Fedora to increase the minimum required Diffie-Hellman parameter
size to 2048 until either Firefox or Chrome has done so first. Users
are just going to object that they can't use Fedora to access
various
important websites, and those important websites will never be fixed
so
long as they're only broken for Fedora users. We should consider
ourselves at the mercy of the major browser vendors to implement new
restrictions before we do. It's a shame that major browsers are so
unwilling to break websites, even when it's clearly important for
security, but that's the world we live in. :/
Alternatively, if you want to strengthen the system crypto policy,
then
it should not apply to web browsers at all. Or web browsers should
automatically use the weak policy. (We'd need the weak policy in
glib-networking, too.)
I agree we need to have the DEFAULT policy be applicable to all
applications, browsers and not (otherwise we end up in reports like
curl and wget don't work while firefox does). It is important though to
gather all data we can from the user reports before reverting, in order
to better understand why that doesn't work, which apps are affected and
better predict when we can make it work.
From the current reports, I believe we have two classes of systems
which cause a problem. (1) systems with implementations which don't
support elliptic curves (that may be rhel5, centos5), and the
administrator set up 1024-bit DH parameters, (2) cisco VPN servers
which are configured to use 1024-bit DH parameters.
regards,
Nikos