Rewrite NEWS file
Kurt Roeckx
5 years ago
| 0 | 0 | openssl (1.1.1-2) unstable; urgency=medium |
| 1 | 1 | |
| 2 | As part of hardening TLS, PCI DSS requires the minimum of TLSv1.1. Also BSI | |
| 3 | suggests in TR-02102-2 the minimum of TLSv1.2 because of the lack of anything | |
| 4 | stronger than SHA1 in TLSv1.1. Mozilla, Microsoft, Google and Apple plan to | |
| 5 | deprecate TLSv1.1 and earlier around March 2020. | |
| 6 | Due to this and other considerations, libssl1.1 user is configured system wide | |
| 7 | by default to use TLSv1.2 as the smallest possible protocol version. The | |
| 8 | security level has been increased to `2' which contains 112 bits of security | |
| 9 | of security (as a result RSA, DSA and DH keys shorter than 2048 bits and ECC | |
| 10 | keys shorter than 224 bits are prohibited). | |
| 11 | Should you encounter a limitation due this restrictions please contact the | |
| 12 | remote side (which provides the service) to reconsider their security | |
| 13 | settings and provide a decent and up to date security capabilities. | |
| 14 | It is possible, as a last resort, to enable the old behaviour and enable | |
| 15 | lower security level on per application basis (or system wide) by editing | |
| 16 | /etc/ssl/openssl.cnf. Please see | |
| 17 | https://www.openssl.org/docs/man1.1.1/man5/config.html | |
| 18 | https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR | |
| 19 | for configuration details of `MinProtocol' and `CipherString'. | |
| 2 | Following various security recommendations, the default minimum TLS version | |
| 3 | has been changed from TLSv1 to TLSv1.2. Mozilla, Microsoft, Google and Apple | |
| 4 | plan to do same around March 2020. | |
| 20 | 5 | |
| 21 | -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Sun, 28 Oct 2018 10:48:46 +0100 | |
| 6 | The default security level for TLS connections has also be increased from | |
| 7 | level 1 to level 2. This moves from the 80 bit security level to the 112 bit | |
| 8 | security level and will require 2048 bit or larger RSA and DHE keys, 224 bit | |
| 9 | or larger ECC keys, and SHA-2. | |
| 10 | ||
| 11 | The system wide settings can be changed in /etc/ssl/openssl.cnf. Applications | |
| 12 | might also have a way to override the defaults. | |
| 13 | ||
| 14 | In the default /etc/ssl/openssl.cnf there is a MinProtocol and CipherString | |
| 15 | line. The CipherString can also sets the security level. Information about the | |
| 16 | security levels can be found in the SSL_CTX_set_security_level(3ssl) manpage. | |
| 17 | The list of valid strings for the minimum protocol version can be found in | |
| 18 | SSL_CONF_cmd(3ssl). Other information can be found in ciphers(1ssl) and | |
| 19 | config(5ssl). | |
| 20 | ||
| 21 | Changing back the defaults in /etc/ssl/openssl.cnf to previous system wide | |
| 22 | defaults can be done using: | |
| 23 | MinProtocol = None | |
| 24 | CipherString = DEFAULT | |
| 25 | ||
| 26 | It's recommended that you contact the remote site in case the defaults cause | |
| 27 | problems. | |
| 28 | ||
| 29 | -- Kurt Roeckx <kurt@roeckx.be> Sun, 28 Oct 2018 20:58:35 +0100 |