13 February 2015
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Received monthly by more than 50,000 subscribers. Maintained by Hanno Böck.
Slowly but surely, Chrome is advancing its SHA1 deprecation plans. Chrome 41, which is expected in early March, will warn about SHA1 certificates that expire in 2016 and treat as insecure SHA1 certificates that expire in 2017. If you fall into one of these two categories, you should get new certificates as soon as possible. If you believe you should continue to use SHA1 for better compatibility with old clients, you can avoid warnings and errors by using certificates that expire in 2015.
As a result of the POODLE and POODLE TLS discoveries, SSL v3 is going away. Many companies have already disabled this old and insecure protocol version. Browsers are doing the same, Firefox in version 34 and Chrome in version 40. This month, Microsoft released an update for Internet Explorer 11 that prevents fallback to SSL v3. They also said that they would be disabling SSL v3 altogether in April.
In January, we saw a very interesting discussion about DNSSEC and DANE. It started with Thomas Ptacek writing a blog post arguing against DNSSEC, with a follow-up discussion on Hacker News. Thomas then wrote another blog post to clarify his arguments. Adam Langley chimed in to discuss DANE from the browser perspective. If you are looking for good arguments for and against DNSSEC/DANE, these posts are a great starting point.
As much as we would all love to see RC4 fully deprecated and retired forever, it still remains in heavy use. According to SSL Pulse, about 74% of servers support RC4 suites, and about 23% of servers even use it with modern browsers. The discovery of the POODLE and POODLE TLS problems certainly contributed to the problem, with many system owners seeing RC4 as their only option. That said, in the near future we might see events that will lead toward a faster reduction of RC4 usage. The TLS working group concluded its discussion about RC4, which will soon result in a new RFC that forbids further usage of this insecure cipher. Then there's new research in development that improves upon known attacks against RC4, as evidenced by a poster that was shown during the Real World Crypto conference in London in January. In 2013, Jacob Appelbaum claimed that RC4 can be broken in real time, but offered no evidence. We're hoping this might change in late March, when Itsik Mantin presents at Black Hat Europe. He's promising complete breakage under certain conditions. We can't wait.
You might have already heard about Let's Encrypt, a free certification authority planned for later this year. They got a lot of people excited, but they're not ready just yet. In the meantime, WoSign, a Chinese CA, decided to take the lead by offering free web server and email certificates.