Rewrite NEWS file
Kurt Roeckx
5 years ago
0 | 0 | openssl (1.1.1-2) unstable; urgency=medium |
1 | 1 | |
2 | As part of hardening TLS, PCI DSS requires the minimum of TLSv1.1. Also BSI | |
3 | suggests in TR-02102-2 the minimum of TLSv1.2 because of the lack of anything | |
4 | stronger than SHA1 in TLSv1.1. Mozilla, Microsoft, Google and Apple plan to | |
5 | deprecate TLSv1.1 and earlier around March 2020. | |
6 | Due to this and other considerations, libssl1.1 user is configured system wide | |
7 | by default to use TLSv1.2 as the smallest possible protocol version. The | |
8 | security level has been increased to `2' which contains 112 bits of security | |
9 | of security (as a result RSA, DSA and DH keys shorter than 2048 bits and ECC | |
10 | keys shorter than 224 bits are prohibited). | |
11 | Should you encounter a limitation due this restrictions please contact the | |
12 | remote side (which provides the service) to reconsider their security | |
13 | settings and provide a decent and up to date security capabilities. | |
14 | It is possible, as a last resort, to enable the old behaviour and enable | |
15 | lower security level on per application basis (or system wide) by editing | |
16 | /etc/ssl/openssl.cnf. Please see | |
17 | https://www.openssl.org/docs/man1.1.1/man5/config.html | |
18 | https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR | |
19 | for configuration details of `MinProtocol' and `CipherString'. | |
2 | Following various security recommendations, the default minimum TLS version | |
3 | has been changed from TLSv1 to TLSv1.2. Mozilla, Microsoft, Google and Apple | |
4 | plan to do same around March 2020. | |
20 | 5 | |
21 | -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Sun, 28 Oct 2018 10:48:46 +0100 | |
6 | The default security level for TLS connections has also be increased from | |
7 | level 1 to level 2. This moves from the 80 bit security level to the 112 bit | |
8 | security level and will require 2048 bit or larger RSA and DHE keys, 224 bit | |
9 | or larger ECC keys, and SHA-2. | |
10 | ||
11 | The system wide settings can be changed in /etc/ssl/openssl.cnf. Applications | |
12 | might also have a way to override the defaults. | |
13 | ||
14 | In the default /etc/ssl/openssl.cnf there is a MinProtocol and CipherString | |
15 | line. The CipherString can also sets the security level. Information about the | |
16 | security levels can be found in the SSL_CTX_set_security_level(3ssl) manpage. | |
17 | The list of valid strings for the minimum protocol version can be found in | |
18 | SSL_CONF_cmd(3ssl). Other information can be found in ciphers(1ssl) and | |
19 | config(5ssl). | |
20 | ||
21 | Changing back the defaults in /etc/ssl/openssl.cnf to previous system wide | |
22 | defaults can be done using: | |
23 | MinProtocol = None | |
24 | CipherString = DEFAULT | |
25 | ||
26 | It's recommended that you contact the remote site in case the defaults cause | |
27 | problems. | |
28 | ||
29 | -- Kurt Roeckx <kurt@roeckx.be> Sun, 28 Oct 2018 20:58:35 +0100 |
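Review bot: Three grammar slips in the new NEWS text (new lines 4, 6 and 15) should be fixed before this ships, since users read this verbatim on upgrade: "plan to do same around March 2020" should be "plan to do the same around March 2020", "has also be increased from level 1 to level 2" should be "has also been increased", and "The CipherString can also sets the security level" should be "can also set the security level". A second, smaller point on new lines 21 to 24: the revert recipe gives `MinProtocol = None` and `CipherString = DEFAULT` but never states what the new default values in /etc/ssl/openssl.cnf look like, so a reader cannot tell what they are undoing or that `CipherString` is the line that carries the security level; quoting the shipped default values next to the revert lines would make the entry self-contained. Otherwise the rewrite is an improvement over the removed text: it separates the protocol-version change from the security-level change, names the key-size and hash consequences of level 2 concretely (2048-bit RSA/DHE, 224-bit ECC, SHA-2), and points at the right manpages for each knob.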