1821875 – Strong crypto settings: phase 2

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1821875 - Strong crypto settings: phase 2

Summary: Strong crypto settings: phase 2

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Changes Tracking
Sub Component:
Version:	33
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	F33Changes
TreeView+	depends on / blocked

Reported:	2020-04-07 18:32 UTC by Ben Cotton
Modified:	2021-07-12 08:25 UTC (History)
CC List:	4 users (show)
Fixed In Version:	crypto-policies-20200702-2.gitc40cede.fc33
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-10-27 14:47:52 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1884920	0	unspecified	CLOSED	Cannot ssh into CentOS 6 using ssh key authentication	2022-05-16 11:32:56 UTC
Red Hat Bugzilla	1892704	0	unspecified	CLOSED	domains with SHA1 DNSSEC algorithms SERVFAIL in Fedora 33	2022-05-16 11:32:56 UTC

Internal Links: 1892704

Description Ben Cotton 2020-04-07 18:32:13 UTC

This is a tracking bug for Change: Strong crypto settings: phase 2
For more details, see: https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

We update the current system-wide crypto policy to further disable legacy cryptographic protocols (TLS 1.0 and TLS 1.1), weak Diffie-Hellman key exchange sizes (1024 bit), and use of the SHA-1 hash in signatures.

Comment 1 Ben Cotton 2020-08-11 13:10:44 UTC

Branching F33 Change Tracker bugs.

Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.

Comment 2 Ben Cotton 2020-10-27 14:47:52 UTC

Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.

Comment 3 Petr Špaček 2020-10-29 14:44:35 UTC

Breakage found after release:
- OpenSSH - connecting to RHEL 6 servers - bug 1884920
- Knot Resolver - DNSSEC validation DNS domains with SHA1 signatures - bug 1892704 (affects fedoraproject.org as well, LOL)

Comment 4 Tomas Mraz 2020-10-29 15:47:29 UTC

The SSH to RHEL-6 is expected and not a bug. However the other is a little bit unexpected as the SHA1 disablement was supposed to be applied only within context of the TLS, SSH, and IKE protocols. It was not supposed to be applied to DNSSec.

Comment 5 Federic 2021-04-05 17:35:41 UTC

Someone seems to have forgotten about ADSL routers with wifi. Their firmware gets updated less frequently and blanket assumption behind this change that all servers will "probably " get updates  to TLS 1.2 is a bit presumptuous. 

Currently Fed33 is unable to connect to a lot of wifi hot spots and the wifi on my router, for example.

more over it is very opaque and appears exactly like an incorrect password to the user and even in dmesg output :

PREV_AUTH_NOT_VALID

This is incorrect, since it is not the auth credentials which were not valid ! 

Do we need a new bug for this since this one is closed?

Comment 6 Federic 2021-04-05 17:41:11 UTC

https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2#Upgrade.2Fcompatibility_impact

"Given the existing deployment of TLS 1.2 on the internet, there should not be significant user experience degradation, although that's a speculation. "

perhaps such sweeping changes should be based on more than speculation.

Comment 7 Дилян Палаузов 2021-07-11 21:05:56 UTC

www.euroclear.com does not load with Firefox 89 on Fedora 34.  As outlined at https://github.com/drwetter/testssl.sh/issues/1929 , the site’s and intermediate certificates use SHA-256 hash, the root uses SHA-1 hash and for self-signed (root) certificates the hash formula shall be irrelevant.  My reading is, that the “Strong Crypto Settings” change disables SHA-1 hashes even for root certificates, but it should not.

Chromium on Fedora 34 does load it, Epiphany does not connect.

Comment 8 Дилян Палаузов 2021-07-12 08:25:29 UTC

Since in the default configuration on Fedora 34 Firefox cannot open https://darikradio.bg/, but Chromium opens it, user will migrate permanently from Firefox to Chrome.

Note You need to log in before you can comment on or make changes to this bug.