SSLv2 has been deprecated for 20 years. No browser supports it. MACs are
based on long-dead MD5 and SHA1. Handshakes are not protected from MITM
corruption, cipher downgrades, or padding attacks. The ciphers are weak, some
now considered merely obfuscation. And now with DROWN, whole companies are
vulnerable to all traffic and authentication being compromised if only a single
cert-sharing machine allows an SSLv2 handshake.

ATS should not contribute in any way to extending the 20-year deprecation of
that protocol, or allow for accidental misconfiguration. I would suggest a
re-compile be necessary for those interested in flirting with the dangers,
perhaps an #ifdef INSECURE_MODE_ON, though I can imagine some might consider
even that position morally compromised :-)
On Monday, April 11, 2016 10:06 PM, xuchao <[email protected]> wrote:
+1 to disable for client <-> proxy,
but please keep SSLv2/v3 for proxy <-> origin.
I'm implementing a man-in-the-middle SSL forward proxy with ATS.
Sent from my iPhone
On April 11, 2016, at 08:57, Uri Shachar <[email protected]> wrote:
>> On Apr 10, 2016, at 7:42 AM, Phil Sorber <[email protected]> wrote:
>>
>> I'd like to propose that we deprecate SSLv2 and SSLv3 in ATS 6.2.0 and
>> remove it in 7.0.0.
>>
>> Currently our defaults do not enable them and have been that way for about
>> a year now. For 6.2.0 I'd like to mark them deprecated in the
>> documentation, and then we remove the code for 7.0.0. This will mean that
>> as of 7.0.0 you will not be able to enable SSLv2/3 even if your OpenSSL
>> library supports it.
>
> +1 to disabling for client <-> proxy connections.
> Completely disabling for proxy <-> origin is somewhat problematic for the
> forward proxy use case -- there are still some lingering SSLv3 servers out
> there, especially inside LANs....
>
> Cheers,
> Uri