Opened 4 years ago

Closed 3 years ago

#11253 closed enhancement (fixed)

Turn on TLS 1.1 and 1.2 in TorBrowser

Reported by: YunoTLS
Owned by: mikeperry
Priority: High
Milestone:
Component: Firefox Patch Issues
Version:
Severity:
Keywords: tbb-pref, ff31-esr, MikePerry201405R
Cc: intrigeri@…, gk, phoul, mcs
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

TLS 1.1 and TLS 1.2 support is already implemented in FF 24 ESR, but for some unknown reason Mozilla haven't turned it on by default, even though TLS 1.1 and 1.2 are supported by Chrome, IE, Opera, and FF stable (the non-ESR version).
Through about:config, search for security.tls.version.max and replace 1 with 3 and that's it.
Note we're not disabling SSL 3.0 so no sites at all will be broken.
The reasons and benefits for enabling TLS 1.1 and 1.2 are obvious and self-evident, including
- higher security for encrypted traffic to websites leaving Tor exit nodes
- making the said traffic above resistant to cryptanalysis and sniffing
There are no drawbacks from this upgrade because SSL 3.0 will not be disabled and hence websites not supporting TLS 1.1 and 1.2 will not be broken and will function as normal.
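The description changes only the client's maximum protocol version, and its argument is that this cannot break sites because the older versions stay enabled. The following Go program is an added example, not part of the ticket or of Tor Browser, that shows the same negotiation rule with real handshakes: it uses the standard library's crypto/tls over an in-memory pipe, builds its own throwaway self-signed certificate for a made-up name (demo.example), and runs a client bounded to a version range against a server bounded to another range, the client bounds playing the role of security.tls.version.min and security.tls.version.max. Modern Go ships TLS 1.2 and 1.3 rather than SSL 3.0 and TLS 1.0 as defaults, so the demo uses 1.2 and 1.3 as the "old" and "new" versions; the Negotiate and VersionName functions are the example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// VersionName renders a crypto/tls version constant the way a site such as
// howsmyssl.com reports it.
func VersionName(v uint16) string {
	switch v {
	case tls.VersionTLS10:
		return "TLS 1.0"
	case tls.VersionTLS11:
		return "TLS 1.1"
	case tls.VersionTLS12:
		return "TLS 1.2"
	case tls.VersionTLS13:
		return "TLS 1.3"
	}
	return fmt.Sprintf("unknown (0x%04x)", v)
}

// selfSignedCert builds a throwaway in-memory certificate for the demo server.
// It is constructed here for the example only.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "demo.example"},
		DNSNames:     []string{"demo.example"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool, nil
}

// Negotiate runs a real TLS handshake over an in-memory pipe between a client
// limited to [clientMin, clientMax] and a server limited to [serverMin, serverMax]
// and returns the version both sides agreed on. The client bounds correspond to
// Firefox's security.tls.version.min / security.tls.version.max prefs.
func Negotiate(clientMin, clientMax, serverMin, serverMax uint16) (uint16, error) {
	cert, pool, err := selfSignedCert()
	if err != nil {
		return 0, err
	}
	srvConf := &tls.Config{
		Certificates:           []tls.Certificate{cert},
		MinVersion:             serverMin,
		MaxVersion:             serverMax,
		SessionTicketsDisabled: true, // keep the exchange to the handshake messages themselves
	}
	cliConf := &tls.Config{
		RootCAs:    pool, // the client trusts only the demo certificate; no verification is skipped
		ServerName: "demo.example",
		MinVersion: clientMin,
		MaxVersion: clientMax,
	}

	c, s := net.Pipe()
	deadline := time.Now().Add(5 * time.Second) // safety net against a stalled handshake
	c.SetDeadline(deadline)
	s.SetDeadline(deadline)

	done := make(chan struct{})
	go func() {
		defer close(done)
		_ = tls.Server(s, srvConf).Handshake() // the client's view decides the outcome
	}()
	client := tls.Client(c, cliConf)
	hsErr := client.Handshake()
	version := client.ConnectionState().Version
	c.Close() // unblock whichever side is still waiting on the pipe
	s.Close()
	<-done
	if hsErr != nil {
		return 0, hsErr
	}
	return version, nil
}

func main() {
	cases := []struct {
		label                  string
		cMin, cMax, sMin, sMax uint16
	}{
		{"client capped at 1.2 vs server offering 1.2-1.3", tls.VersionTLS12, tls.VersionTLS12, tls.VersionTLS12, tls.VersionTLS13},
		{"client cap raised to 1.3 vs server offering 1.2-1.3", tls.VersionTLS12, tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS13},
		{"client cap raised to 1.3 vs server that only speaks 1.2", tls.VersionTLS12, tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS12},
		{"client limited to 1.0-1.1 vs server requiring 1.2", tls.VersionTLS10, tls.VersionTLS11, tls.VersionTLS12, tls.VersionTLS13},
	}
	for _, tc := range cases {
		v, err := Negotiate(tc.cMin, tc.cMax, tc.sMin, tc.sMax)
		if err != nil {
			fmt.Printf("%-58s -> handshake failed: %v\n", tc.label, err)
			continue
		}
		fmt.Printf("%-58s -> %s\n", tc.label, VersionName(v))
	}
}
```

Run it with `go run`: the first three lines show that the agreed version is the highest one inside both ranges, so raising the client's cap only changes the result against servers that also speak the newer version, while a server stuck on the older version keeps working. The last line shows the only way a site does break, namely when the client's range and the server's range no longer overlap, which is exactly what the description avoids by leaving the old versions enabled.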

Child Tickets

Change History (11)

comment:1 Changed 4 years ago by intrigeri

Cc: intrigeri@… added

comment:2 Changed 4 years ago by mikeperry

Cc: gk added
Keywords: tbb-pref MikePerry201403 added; TLS SSL security privacy TorBrowser removed

Seems reasonable on face. My only concern is that I would actually like to see Mozilla's reasoning for not enabling this yet (untested code? new code with higher vulnerability surface?).

Note also that Mozilla does not usually backport security fixes in prefs that default to off, so if there have been vulnerabilities (or even generic memory safety hazards) in this new TLS code, fixes for them may not have been backported to 24ESR. We'll likely need to scan hg log of the NSS code to be sure of this (or at least ask people who work on NSS at Mozilla/Google/Redhat).

comment:3 in reply to: 2 Changed 4 years ago by Knightly

Replying to mikeperry:

Seems reasonable on face. My only concern is that I would actually like to see Mozilla's reasoning for not enabling this yet (untested code? new code with higher vulnerability surface?).

Note also that Mozilla does not usually backport security fixes in prefs that default to off, so if there have been vulnerabilities (or even generic memory safety hazards) in this new TLS code, fixes for them may not have been backported to 24ESR. We'll likely need to scan hg log of the NSS code to be sure of this (or at least ask people who work on NSS at Mozilla/Google/Redhat).

The reason Mozilla didn't enable it in ESR is that they consider it a new feature and not a security fix.
But as you said, we should check Mozilla for the reasoning, probably an email to them would suffice.

comment:4 Changed 4 years ago by mikeperry

I was just told this by a Mozilla engineer who works on TLS:

I don't think we will be backporting TLS 1.1/1.2 to ESR. The backport requires
updating to NSS > 3.15.1 and that is not planned to be done.

I will see if I can find out more tomorrow. It may be the case that higher values for this pref actually do nothing for us in FF24-ESR.

comment:5 Changed 4 years ago by mikeperry

Keywords: MikePerry201403 removed
Priority: critical → major

It seems like this pref will actually do nothing, and we're unlikely to backport (and continue to maintain bugfix vigilance over) all of NSS ourselves. We will pick this up when FF31ESR is out (mid-July).

comment:6 Changed 4 years ago by gk

Keywords: ff31-esr added

comment:7 Changed 3 years ago by cypherpunks

According to tests with https://www.howsmyssl.com/ TLS 1.1 is supported by current Tor Browser releases if the proposed setting is actually changed. I think it's worth enabling for all upcoming releases including non-ff31esr ones.

comment:8 Changed 3 years ago by phoul

Cc: phoul added

comment:9 Changed 3 years ago by mikeperry

Keywords: MikePerry201405R added

Ok, I guess the Mozilla engineer I talked to was wrong about this support being in FF24. I looked over the MFSAs for Firefox 24-29 and they appear to have backported all of the NSS bugfixes to the ESR series, however, we will need to monitor this until we switch to FF31ESR if we do set this pref, as they will *not* backport any code execution specific to TLS 1.1 and 1.2 into the ESR series (because the pref is off by default).

For the moment, it seems OK to enable though.

comment:10 Changed 3 years ago by mcs

Cc: mcs added

comment:11 Changed 3 years ago by mikeperry

Resolution: fixed
Status: new → closed

This is set in tor-browser-24.5.0esr-1. It will appear in TBB 3.6.2.
