Bug 1534532

Summary: Strong crypto settings
Product: [Fedora] Fedora Reporter: Jan Kurik <jkurik>
Component: Changes TrackingAssignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 28CC: nmavrogi, rdieter, riehecky, vondruch, zbyszek
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: ChangeAcceptedF28, SystemWideChange
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-05-02 12:05:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Kurik 2018-01-15 12:45:56 UTC 
This is a tracking bug for Change: Strong crypto settings
For more details, see: https://fedoraproject.org//wiki/Changes/StrongCryptoSettings

This change is about updating the current system-wide crypto policy to disable legacy and unused cryptographic protocols.
Comment 1 Jan Kurik 2018-02-20 14:10:23 UTC 
On 2018-Feb-20, we have reached the Fedora 28 Change Checkpoint: Completion deadline (testable).

At this point, all accepted changes should be substantially complete, and testable. Additionally, if a change is to be enabled by default, it must be enabled at Change Completion deadline as well.

Change tracking bug should be set to the MODIFIED state to indicate it achieved completeness.

Incomplete and non testable Changes will be reported to FESCo for 2018-Feb-23 meeting.
Comment 2 Fedora End Of Life 2018-02-20 15:38:28 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.
Comment 3 Zbigniew Jędrzejewski-Szmek 2018-02-23 15:16:32 UTC 
* Mon Feb 12 2018 Nikos Mavrogiannopoulos <nmav> - 20180112-1.git386e3fe - Updated to apply the settings as in StrongCryptoSettings project. The restriction to TLS1.2, is not yet applied as we have no method to impose that in openssl. https://fedoraproject.org/wiki/Changes/StrongCryptoSettings

So I guess this change is partially implemented.
Comment 4 Nikos Mavrogiannopoulos 2018-02-26 07:54:29 UTC 
Not sure how to express that here.
Comment 5 Zbigniew Jędrzejewski-Szmek 2018-02-26 10:17:01 UTC 
It seems to me that the missing bit is a smaller part of the Change. If that is true, I'd just update the Change page to clearly say which part is deferred, and proceed with the rest (i.e. set it to MODIFIED, fill in the Documentation section, etc.).
Comment 6 Nikos Mavrogiannopoulos 2018-02-26 10:33:08 UTC 
Thanks. I've updated the change to document the contigency plan.
Comment 7 Vít Ondruch 2018-02-26 15:45:44 UTC 
Since I updated my Rawhide last week, I have issues connecting to some sites using FF due to errors like:

~~~
An error occurred during a connection to ****.com. Při komunikaci protokolem SSL byl v inicializační zprávě typu Server Key Exchange obdržen slabý klíč typu Diffie-Hellman. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY
~~~

I have similar issues connecting my TB to the mail server:

~~~
An error occurred during a connection to mail.xxx.com:993.

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.

Error code: <a id="errorCode" title="SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY">SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY</a> 
~~~

I have not updated neither FF nor TB.
Comment 9 Nikos Mavrogiannopoulos 2018-02-27 10:38:46 UTC 
The strong settings seem to affect VPNs as well (#1549242)
Comment 10 Jan Kurik 2018-03-06 08:58:20 UTC 
On 2018-Mar-08 we reached the "Change Checkpoint: 100% Code Complete Deadline" milestone for Fedora 28 release. At this point all the Changes not at least in "ON_QA" state should be brought to FESCo for review. Please update the state of this bug to "ON_QA" if it is already 100% completed. Please let me know in case you have any trouble with the implementation and the Change needs any help or review.

Thanks, Jan
Comment 11 Fedora Update System 2018-03-06 12:44:00 UTC 
crypto-policies-20180306-1.gitaea6928.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-b849029629
Comment 12 Nikos Mavrogiannopoulos 2018-03-07 08:44:08 UTC 
Current status: 
 Due to regressions seen in connecting to (1) internal/intranet web sites, (2) SSL VPN servers, I've backed off some of the original plan and modified the plan description [0] to the implemented plan.

Original plan:
* Keep only TLS 1.2 (and TLS 1.3 when available) as enabled protocols and move the TLS 1.x, x<=1 to legacy level.
* Require finite field parameters (RSA, Diffie-Hellman) of 2048 and more in the default settings
* Disable DSA by default


Fallback (current plan):
* Disable DSA by default
* Require RSA certificates of 2048 bits and more in the default settings (Diffie-Hellman remains >= 1024)

The items in the original plan that were not implemented are to be postponed to a later time. I also renamed the change to "Strong crypto settings: phase 1" to reflect that.

The fallback plan requires the updates in [1] to be merged.

[0]. https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
[1]. https://bodhi.fedoraproject.org/updates/FEDORA-2018-b849029629
Comment 13 Fedora Update System 2018-03-08 15:25:54 UTC 
crypto-policies-20180306-1.gitaea6928.fc28, openssh-7.6p1-7.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-b849029629
Comment 14 Fedora Update System 2018-03-30 12:42:53 UTC 
crypto-policies-20180306-1.gitaea6928.fc28, openssh-7.6p1-7.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.