This is a tracking bug for Change: Strong crypto settings: phase 2
For more details, see: https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
We update the current system-wide crypto policy to further disable legacy cryptographic protocols (TLS 1.0 and TLS 1.1), weak Diffie-Hellman key exchange sizes (1024 bit), and use of the SHA-1 hash in signatures.
Branching F33 Change Tracker bugs.
Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.
Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.
Breakage found after release:
- OpenSSH - connecting to RHEL 6 servers - bug 1884920
- Knot Resolver - DNSSEC validation DNS domains with SHA1 signatures - bug 1892704 (affects fedoraproject.org as well, LOL)
The SSH to RHEL-6 is expected and not a bug. However the other is a little bit unexpected as the SHA1 disablement was supposed to be applied only within context of the TLS, SSH, and IKE protocols. It was not supposed to be applied to DNSSec.
Someone seems to have forgotten about ADSL routers with wifi. Their firmware gets updated less frequently and blanket assumption behind this change that all servers will "probably " get updates to TLS 1.2 is a bit presumptuous.
Currently Fed33 is unable to connect to a lot of wifi hot spots and the wifi on my router, for example.
more over it is very opaque and appears exactly like an incorrect password to the user and even in dmesg output :
This is incorrect, since it is not the auth credentials which were not valid !
Do we need a new bug for this since this one is closed?
"Given the existing deployment of TLS 1.2 on the internet, there should not be significant user experience degradation, although that's a speculation. "
perhaps such sweeping changes should be based on more than speculation.
www.euroclear.com does not load with Firefox 89 on Fedora 34. As outlined at https://github.com/drwetter/testssl.sh/issues/1929 , the site’s and intermediate certificates use SHA-256 hash, the root uses SHA-1 hash and for self-signed (root) certificates the hash formula shall be irrelevant. My reading is, that the “Strong Crypto Settings” change disables SHA-1 hashes even for root certificates, but it should not.
Chromium on Fedora 34 does load it, Epiphany does not connect.
Since in the default configuration on Fedora 34 Firefox cannot open https://darikradio.bg/, but Chromium opens it, user will migrate permanently from Firefox to Chrome.
On Fedora the strongest usable crypto-policy is 'NEXT' until DigiCert updates their CA certificate RSA signature to 3072 bits.
That CA signed https://mirrors.fedoraproject.org with 2048 bits RSA.