On Thursday, January 12, 2017, Christian Heimes <christian@cheimes.de> wrote:
On 2017-01-12 15:09, Nick Coghlan wrote:
> On 12 January 2017 at 22:44, Cory Benfield <cory@lukasa.co.uk> wrote:
>> We can do that.
>>
>> I should note that MINIMUM_SUPPORTED and MAXIMUM_SUPPORTED are not intended
>> to be equal to SSLv2 and TLSv1_3, or indeed to any other value in this enum.
>> They are future-proofing tools that allow users to say “I want TLSv1 *or
>> higher*” without setting an upper bound on what “higher” means.
>
> Cool, I wasn't sure how you intended to handle that, and supplying the
> values will make it explicit that those are really only useful in
> "version_range" and not anywhere else. Although at that point the
> question becomes whether or not they're offering any benefit beyond
> just using "None" in the appropriate location.


I have a working PoC patch for a TLS version enum and set version range
method on https://bugs.python.org/issue27876.

```python
# Class name assumed; the PoC as pasted showed only the __init__ body.
# OP_NO_FLAGS is a list of OP_NO_* bits in protocol order, so each
# version's masks are derived from its position (offset) in that list.
class TLSVersion:
    def __init__(self, prettyname, wireprotocol, offset):
        self.prettyname = prettyname
        self.wireprotocol = wireprotocol
        self.noflag = OP_NO_FLAGS[offset]            # disables just this version
        self.minflag = sum(OP_NO_FLAGS[:offset])     # disables every version below it
        self.maxflag = sum(OP_NO_FLAGS[offset+1:])   # disables every version above it
```
- Do these need a __cmp__()?
- Are there concrete-implementation-specific const constants for each library?


We have to consider different kinds of min and max version:

1) min and max official SSL/TLS standards
2) min and max supported standards for a TLS implementation
3) min and max version we consider as secure enough

The Apache HTTPD `SSLProtocol` and Nginx `ssl_protocols` options support different methods of whitelisting and blacklisting.

https://mozilla.github.io/server-side-tls/ssl-config-generator/ modern (2017):

```
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
ssl_protocols TLSv1.2;
```

As of now (1) is SSLv2 / TLSv1.2 because TLSv1.3 is still a draft.
(2) depends on the library, it is SSLv3 / TLSv1.2 for OpenSSL and SSLv3
/ TLSv1.3 for NSS on the client side and SSLv3 / TLSv1.2 for NSS on the
server side for default builds.

(3) is TLSv1.0 and max of (2).

Contrary to my PoC we should also differentiate between
MAXIMUM_SUPPORTED and whatever the maximum supported TLS version for a
TLS implementation is. For example
set_version_range(max=MAXIMUM_SUPPORTED) should never fail but
set_version_range(max=TLS_1_3) should fail for OpenSSL.

Christian
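The semantics discussed above (sentinel bounds that never equal a concrete version, a per-implementation supported window that differs from the standards' window, and a set_version_range() that resolves the sentinels but rejects an explicit version the library cannot speak) as a worked example. This is an added illustration, not the PoC from bugs.python.org/issue27876 and not the proposed ssl API: the TLSVersion enum, the Backend class and the two backend windows are assumptions (the windows are the ones stated in the thread for early-2017 default builds), and OP_NO_FLAGS carries the SSL_OP_NO_* bit values from OpenSSL's ssl.h so the script runs without the ssl module.

```python
import enum


class TLSVersion(enum.Enum):
    """Protocol versions keyed by wire value (assumed layout). The two
    sentinels are range bounds only: they never equal SSLv2 or TLSv1_3 and
    are resolved against a concrete implementation's supported window."""
    MINIMUM_SUPPORTED = -1
    SSLv2 = 0x0200
    SSLv3 = 0x0300
    TLSv1 = 0x0301
    TLSv1_1 = 0x0302
    TLSv1_2 = 0x0303
    TLSv1_3 = 0x0304
    MAXIMUM_SUPPORTED = 0xFFFF


SENTINELS = (TLSVersion.MINIMUM_SUPPORTED, TLSVersion.MAXIMUM_SUPPORTED)
# Concrete versions in protocol order (Enum preserves definition order).
CONCRETE = [v for v in TLSVersion if v not in SENTINELS]
# OpenSSL's SSL_OP_NO_* bits, one per CONCRETE entry in the same order
# (values from openssl/ssl.h; TLSv1_1 and TLSv1_2 are not in bit order).
OP_NO_FLAGS = [0x01000000, 0x02000000, 0x04000000, 0x10000000, 0x08000000, 0x20000000]


def op_no_mask(minimum, maximum):
    """OP_NO_* bits disabling every concrete version outside [minimum, maximum].

    sum() over the slices is the PoC's minflag/maxflag idea; it only works
    because every flag is a distinct single bit, so sum and OR coincide."""
    lo, hi = CONCRETE.index(minimum), CONCRETE.index(maximum)
    if lo > hi:
        raise ValueError(f"{minimum.name} is newer than {maximum.name}")
    return sum(OP_NO_FLAGS[:lo]) | sum(OP_NO_FLAGS[hi + 1:])


def enabled_versions(mask):
    """Names of the versions a mask leaves enabled, for readable output."""
    return [v.name for v, flag in zip(CONCRETE, OP_NO_FLAGS) if not mask & flag]


class Backend:
    """Hypothetical TLS implementation with a fixed supported window, i.e.
    category (2) in the thread, distinct from the standards' window (1)."""

    def __init__(self, name, lowest, highest):
        self.name = name
        self.supported = CONCRETE[CONCRETE.index(lowest):CONCRETE.index(highest) + 1]

    def set_version_range(self, minimum=TLSVersion.MINIMUM_SUPPORTED,
                          maximum=TLSVersion.MAXIMUM_SUPPORTED):
        """Resolve sentinels to this backend's window, reject a concrete
        version it cannot speak, and return the OP_NO_* mask to apply."""
        lo = self.supported[0] if minimum is TLSVersion.MINIMUM_SUPPORTED else minimum
        hi = self.supported[-1] if maximum is TLSVersion.MAXIMUM_SUPPORTED else maximum
        for v in (lo, hi):
            if v not in self.supported:
                raise ValueError(f"{self.name} does not support {v.name}")
        return op_no_mask(lo, hi)


def rejected(backend, **bounds):
    """True if set_version_range() refuses these bounds with ValueError."""
    try:
        backend.set_version_range(**bounds)
    except ValueError:
        return True
    return False


# Windows as stated in the thread for default builds at the time.
OPENSSL = Backend("OpenSSL", TLSVersion.SSLv3, TLSVersion.TLSv1_2)
NSS_CLIENT = Backend("NSS client", TLSVersion.SSLv3, TLSVersion.TLSv1_3)


if __name__ == "__main__":
    # "TLSv1 or higher" with no upper bound: valid on both backends, and the
    # resulting mask differs because MAXIMUM_SUPPORTED resolves per backend.
    for backend in (OPENSSL, NSS_CLIENT):
        mask = backend.set_version_range(minimum=TLSVersion.TLSv1)
        print(backend.name, hex(mask), enabled_versions(mask))
    # Mozilla "modern": Apache's 'all -SSLv3 -TLSv1 -TLSv1.1' (blacklist) and
    # nginx's 'ssl_protocols TLSv1.2' (whitelist) reduce to one mask here.
    print("modern:", enabled_versions(OPENSSL.set_version_range(minimum=TLSVersion.TLSv1_2)))
    # max=MAXIMUM_SUPPORTED never fails; max=TLSv1_3 must fail on this OpenSSL.
    print("OpenSSL rejects TLSv1_3 ceiling:", rejected(OPENSSL, maximum=TLSVersion.TLSv1_3))
```

The check that matters for the thread is the pair at the end: the same call with maximum=MAXIMUM_SUPPORTED succeeds on every backend and silently resolves to TLSv1_2 on OpenSSL, while an explicit maximum=TLSv1_3 raises there, so a caller who asks for a version the library lacks finds out at configuration time rather than at handshake time.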
_______________________________________________
Security-SIG mailing list
Security-SIG@python.org
https://mail.python.org/mailman/listinfo/security-sig