This needs to be accepted upstream before we take it in Ubuntu. Also,
chromium uses the system NSS, but thunderbird doesn't anymore.
** Changed in: nss (Ubuntu)
Importance: Undecided => Low
** Changed in: nss (Ubuntu)
Status: New => Triaged
** No longer affects: chromium-browser (Ubuntu)
** Changed in: firefox (Ubuntu)
Importance: Undecided => Low
** Changed in: firefox (Ubuntu)
Status: New => Triaged
** Changed in: thunderbird (Ubuntu)
Importance: Undecided => Low
** Changed in: thunderbird (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/1002434
Title:
TLS interoperability issue in NSS based software
Status in Network Security Services (NSS):
Confirmed
Status in Mozilla Thunderbird Mail and News:
Confirmed
Status in “firefox” package in Ubuntu:
Triaged
Status in “nss” package in Ubuntu:
Triaged
Status in “thunderbird” package in Ubuntu:
Triaged
Bug description:
NSS (Netscape Security Services) module provides encryption services
to many applications, such as Thunderbird, Firefox and Chromium. NSS
has a hard coded maximum limit of 2236 bits for ephemeral Diffie-
Hellman (DHE) keys. If the TLS server (such as a web server, SMTP
server, IMAP server, etc) requests a bigger DHE key size, NSS based
applications refuse to interoperate. They just close the connection
and display a confusing error message (such as "Unknown error").
Recent versions of GnuTLS (as shipped by Ubuntu and other
distributions) include a new library API which recommends and
automatically selects the following key sizes:
Security level key bits
LOW 1248
LEGACY 1776
NORMAL 2432
HIGH 3248
See the following for more information:
https://www.gnu.org/software/gnutls/manual/html_node/Selecting-
cryptographic-key-sizes.html
As can be seen, NSS's maximum limit of 2236 bits can only interoperate
with GnuTLS server which has been set at "LOW" or "LEGACY" security
level.
This bug was discovered when Exim's GnuTLS interface was revamped
recently. Thunderbird refused to complete TLS handshake with the Exim
SMTP server any more, because the new GnuTLS interface was following
the GnuTLS library's opinion on suitable key sizes.
Please patch the NSS library to accept reasonable key sizes: at the
very least 3248 bits should be accepted to allow interoperability with
GnuTLS at HIGH level. NSS is the only TLS library which has such a low
hard limit on DHE key size.
The only reason people are not hitting this bug frequently yet is that
most main stream server software still does not use GnuTLS library's
new API or recommendations but instead hard codes the DHE key size to
1024 or 2048 bits.
I am attaching a patch which points out the relevant #define in
blapit.h.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/1002434/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
