** Description changed: SSL2 and SSL3 have been hastily removed, apparently by developers who are unaware that these protocols serve purposes other than encryption. SSL2/3 is *still used* on onion sites. Why? For verification. An onion site has inherent encryption, so it matters not how weak the SSL crypto is when the purpose is purely to verify that the server is owned by who they say it's owned by. Proof that disclosure attacks on ssl2/3 are irrelevant to onion sites: https://blog.torproject.org/tls-certificate-for-onion-site + https://community.torproject.org/onion-services/overview/ So here is a real world impact case. Suppose you get your email from one of these onion mail servers: http://onionmail.info/directory.html Some (if not all) use ssl2/3 on top of Tor's inherent onion tunnel. They force users to use ssl2/3, so even if a user configures the client not to impose TLS, the server imposes it. And it's reasonable because the ssl2/3 vulns are orthoganol to the use case. Some users will get lucky and use a mail client that still supports ssl2/3. But there's still a problem: users can no longer use openssl to obtain the fingerprint to pin. e.g. $ openssl s_client -proxy 127.0.0.1:8118 -connect xhfheq5i37waj6qb.onion:110 -showcerts CONNECTED(00000003) 140124399195456:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 44 bytes and written 330 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- That's openssl version 1.1.1k Being denied the ability to pin the SSL cert is actually a *degredation* of security. Cert Pinning is particularly useful with self-signed certs, as is often the scenario with onion sites.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1934040 Title: openssl s_client's '-ssl2' & '-ssl3' options gone, prematurely! Status in openssl package in Ubuntu: New Bug description: SSL2 and SSL3 have been hastily removed, apparently by developers who are unaware that these protocols serve purposes other than encryption. SSL2/3 is *still used* on onion sites. Why? For verification. An onion site has inherent encryption, so it matters not how weak the SSL crypto is when the purpose is purely to verify that the server is owned by who they say it's owned by. Proof that disclosure attacks on ssl2/3 are irrelevant to onion sites: https://blog.torproject.org/tls-certificate-for-onion-site https://community.torproject.org/onion-services/overview/ So here is a real world impact case. Suppose you get your email from one of these onion mail servers: http://onionmail.info/directory.html Some (if not all) use ssl2/3 on top of Tor's inherent onion tunnel. They force users to use ssl2/3, so even if a user configures the client not to impose TLS, the server imposes it. And it's reasonable because the ssl2/3 vulns are orthoganol to the use case. Some users will get lucky and use a mail client that still supports ssl2/3. But there's still a problem: users can no longer use openssl to obtain the fingerprint to pin. e.g. $ openssl s_client -proxy 127.0.0.1:8118 -connect xhfheq5i37waj6qb.onion:110 -showcerts CONNECTED(00000003) 140124399195456:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 44 bytes and written 330 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- That's openssl version 1.1.1k Being denied the ability to pin the SSL cert is actually a *degredation* of security. Cert Pinning is particularly useful with self-signed certs, as is often the scenario with onion sites. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1934040/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
