Re: SHA-1 Phase-out

2016-11-22 Thread Gervase Markham
On 21/11/16 20:29, Myers, Kenneth (10421) wrote:
> I've been trying to stay on top of the SHA-1 phase-out discussion but
> lost track. Where did it leave off?

I drafted a potential update to Mozilla's policy which was discussed
here, and has now moved to the CAB Forum public list for further discussion.

> I think I saw something of doing a ban at the browser level to not
> trust the SHA-1 algorithm. Is this possible?

Mozilla will be doing that in January 2017.
https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/

Gerv

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy


Re: SHA-1 Phase-out

2016-11-21 Thread Myers, Kenneth (10421)
Hi Gerv,

I've been trying to stay on top of the SHA-1 phase-out discussion but lost 
track. Where did it leave off?

I think I saw something of doing a ban at the browser level to not trust the 
SHA-1 algorithm. Is this possible?

Kenneth Myers
Manager
+1.571.366.6120 +1.703.299.3046 fax
Protiviti | 1640 King Street | Suite #400 | Alexandria | VA 22314 US | 
Protiviti.com


Re: SHA-1 Phase-out

2016-11-16 Thread Gervase Markham
On 16/11/16 09:08, Kurt Roeckx wrote:
> The other option would be that Firefox adds an option to allow SHA-1 for
> things that are in the trust store but are not in the default trust store.

AIUI, that is going to be the default behaviour.

Gerv


Re: SHA-1 Phase-out

2016-11-16 Thread Kurt Roeckx

On 2016-11-15 18:00, Peter Bowen wrote:
> On Tue, Nov 15, 2016 at 7:25 AM, Kurt Roeckx wrote:
>>
>> - If it's an enterprise root they need to switch to SHA-2
>
> This is a lot easier said than done for many organizations.  Depending
> on the CA software this might be a small configuration change or might
> involve a very large software upgrade.  I think the key question here
> is whether Firefox will have an option to do two things:
>
> 1) Continue to accept signatures over SHA-1 hashes for end-entity certificates
> 2) Continue to accept signatures over SHA-1 hashes for CA certificates
> in the chain
>
> While these may seem similar (in fact from a crypto risk perspective
> #2 is probably worse than #1), they frequently represent different
> amounts of work required to mitigate for organizations.

The other option would be that Firefox adds an option to allow SHA-1 for
things that are in the trust store but are not in the default trust store.


Kurt



Re: SHA-1 Phase-out

2016-11-15 Thread Peter Bowen
On Tue, Nov 15, 2016 at 7:25 AM, Kurt Roeckx wrote:
>
> - If it's an enterprise root they need to switch to SHA-2

This is a lot easier said than done for many organizations.  Depending
on the CA software this might be a small configuration change or might
involve a very large software upgrade.  I think the key question here
is whether Firefox will have an option to do two things:

1) Continue to accept signatures over SHA-1 hashes for end-entity certificates
2) Continue to accept signatures over SHA-1 hashes for CA certificates
in the chain

While these may seem similar (in fact from a crypto risk perspective
#2 is probably worse than #1), they frequently represent different
amounts of work required to mitigate for organizations.

Thanks,
Peter


Re: SHA-1 Phase-out

2016-11-15 Thread Kurt Roeckx

On 2016-11-15 16:19, Gervase Markham wrote:
> On 15/11/16 12:20, jansomar...@gmail.com wrote:
>> I would step in to your discussion if you don't mind. My question is
>> very similar to the original one but in regards to internal usage of
>> SHA-1 signed certs. We are running large number of network devs
>
> devs == devices, rather than developers?
>
>> acting as a proxy and users need to authenticate in order to access
>> some of the applications. It's an internal closed environment and all
>> the devices are using self-signed certificates. Will something change
>> for us when Mozilla disabled SHA-1 certs?
>
> Are you sure you mean self-signed certs? Every time a user accesses a
> new application, they get a security error they have to override? Or do
> you mean you have a private enterprise root which you add to web
> browsers, and which issue all these certs for you?

I guess the answer for both cases is:
- If it's an enterprise root they need to switch to SHA-2
- If it's self-signed we don't care about the signature algorithm.


Kurt




Re: SHA-1 Phase-out

2016-11-15 Thread jansomartin
Hello Guys,

I would like to step in to your discussion if you don't mind. My question is very
similar to the original one but in regards to internal usage of SHA-1 signed
certs. We are running a large number of network devs acting as a proxy and users
need to authenticate in order to access some of the applications. It's an
internal closed environment and all the devices are using self-signed
certificates. Will something change for us when Mozilla disables SHA-1 certs?

As far as I could read there is a plan to have an option to override this
security feature and access the website anyway. Of course enabling SHA-1 in
about:config is also an option but we need to prepare our users for that.

Thank you very much for any qualified answer.


Re: SHA-1 Phase-out

2016-10-12 Thread Nick Lamb
On Wednesday, 12 October 2016 14:50:22 UTC+1, Gervase Markham wrote:
> However, we would counsel all sites to move
> away from SHA-1 as the user experience will be as bad as the security.

A message I've seen from some security vendors, that I don't want us 
reinforcing, is the idea that the SHA-1 certificates themselves are a security 
problem and "upgrading" to a SHA-256 certificate improves security.

I think bank notes (outside the US) are a useful analogy. Sometimes the central 
bank may begin issuing a new note with improved anti-forgery features. To 
ensure forgers can't just keep making the old, more easily forged notes, these 
are eventually withdrawn from general use once enough of the new are in 
circulation.

It would be a mistake to try to "improve" the security of your business by 
swapping all its cash for the latest notes. The new notes aren't "more secure" 
in a way that affects you, you haven't improved anything by doing this. Your 
business should pay attention to notices from the bank about new notes coming 
into circulation and about old ones being withdrawn, and make appropriate 
plans, but so long as it does that there's no problem.

Web PKI Subscribers should be switching to SHA-1 because their Issuer requires 
it. CA/B rules make that clear, compliance seems to be pretty good but browser 
vendors like Mozilla are taking out insurance against the possibility that 
somebody, somewhere, made a mistake. In my view for ordinary subscribers in the 
Web PKI it's primarily a compatibility issue, rather than a security issue. Off 
the Web PKI, in private systems, the risk/ reward may look very different. If 
your PKI only issues certificates on a sight basis to a handful of trusted 
individuals suddenly the chosen prefix attack doesn't look like a real security 
risk at all so SHA-1 seems fine.


SHA-1 Phase-out

2016-10-12 Thread Konstantinos Tsimaris
Hi Security team,

I have 2 questions with which I would be grateful for your help.

I have seen various posts mentioning that after 1 January 2017, browsers
will stop support of SHA1 signed CAs. I am looking into a way to identify
which web sites will not work until a new certificate is applied and to
demonstrate that after the change it will work. I know that can be done via
checking the issued CA. Is there a way using Firefox to replicate the
behavior/block prior to that date?

Second, I would like to ask if a user has the option to permit it if required, for
example using "security.pki.sha1_enforcement_level"

Kind Regards,
Kostas Tsimaris
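The thread leaves two practical questions open: how to find which certificates in a chain are SHA-1 signed before the cut-off (Kostas' first question), and why it matters where in the chain the SHA-1 signature sits (Peter's end-entity vs CA-certificate distinction, and Kurt's point that a self-signed root's signature algorithm is irrelevant). The following is an added example, not code from the thread or from Mozilla: a dependency-free DER walker that reports the signature algorithm of each certificate in a chain and classifies it by position. The sample chain is constructed inline with placeholder keys and signature bits (only the structure and the algorithm OIDs are real), so it runs offline; `load_pem` lets the same classifier be pointed at real certificates exported from a browser or server.

```python
"""Classify signature algorithms per certificate in a chain (added example).
Pure-Python DER decoding; the sample chain below is constructed, with
placeholder public keys and signature bits, not real certificates."""
import base64

# Signature-algorithm OIDs (real values from RFC 3279 / RFC 4055 / RFC 5758).
OID_NAMES = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
}

# ---- minimal DER decoding --------------------------------------------------
def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def _children(body):
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = _read_tlv(body, pos)
        out.append((tag, val))
    return out

def _decode_oid(val):
    arcs, cur = [val[0] // 40, val[0] % 40], 0
    for b in val[1:]:
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(cur)
            cur = 0
    return ".".join(map(str, arcs))

def parse_cert(der):
    """Extract the outer signatureAlgorithm and whether issuer == subject."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER Certificate SEQUENCE")
    tbs, sig_alg = _children(body)[:2]     # tbsCertificate, signatureAlgorithm
    fields = _children(tbs[1])
    if fields[0][0] == 0xA0:               # optional [0] EXPLICIT version
        fields = fields[1:]
    # fields: serialNumber, signature, issuer, validity, subject, spki, ...
    issuer, subject = fields[2][1], fields[4][1]
    oid = _decode_oid(_children(sig_alg[1])[0][1])
    return {"sig_alg": OID_NAMES.get(oid, oid), "self_signed": issuer == subject}

def load_pem(text):
    """PEM -> DER for a single certificate."""
    lines = [l.strip() for l in text.splitlines() if l.strip() and not l.startswith("-----")]
    return base64.b64decode("".join(lines))

def to_pem(der):
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % base64.b64encode(der).decode()

def classify_chain(chain_der):
    """chain_der[0] is the end-entity certificate; later entries are CA certs."""
    report = []
    for i, der in enumerate(chain_der):
        c = parse_cert(der)
        role = "self-signed root" if c["self_signed"] else ("end-entity" if i == 0 else "intermediate CA")
        sha1 = "sha1" in c["sig_alg"].lower()
        # A self-signed root is trusted by name and key; its own signature is
        # never verified by the relying party, so SHA-1 there needs no action.
        report.append({"position": i, "role": role, "sig_alg": c["sig_alg"],
                       "sha1": sha1, "needs_migration": sha1 and role != "self-signed root"})
    return report

# ---- constructed sample chain (placeholder keys/signatures) -----------------
def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        ln = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        ln = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + ln + body

def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return bytes(out)

def _name(cn):                             # Name with a single CN RDN
    atv = _tlv(0x30, _tlv(0x06, _encode_oid("2.5.4.3")) + _tlv(0x0C, cn.encode()))
    return _tlv(0x30, _tlv(0x31, atv))

def make_cert(subject_cn, issuer_cn, sig_oid):
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(sig_oid)) + _tlv(0x05, b""))
    validity = _tlv(0x30, _tlv(0x17, b"161101000000Z") + _tlv(0x17, b"171101000000Z"))
    spki = _tlv(0x30, alg + _tlv(0x03, b"\x00"))        # placeholder, not a real key
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01")
               + alg + _name(issuer_cn) + validity + _name(subject_cn) + spki)
    return _tlv(0x30, tbs + alg + _tlv(0x03, b"\x00" * 5))  # placeholder signature bits

SAMPLE_CHAIN = [                           # constructed: leaf SHA-1, intermediate SHA-256, root SHA-1
    make_cert("www.example.test", "Example Intermediate", "1.2.840.113549.1.1.5"),
    make_cert("Example Intermediate", "Example Root", "1.2.840.113549.1.1.11"),
    make_cert("Example Root", "Example Root", "1.2.840.113549.1.1.5"),
]

if __name__ == "__main__":
    for row in classify_chain(SAMPLE_CHAIN):
        print(row)
```

Run on the constructed chain it reports the leaf as needing migration (its SHA-1 signature is one a browser verifies), the intermediate as fine, and the root as SHA-1 signed but not needing action, which is exactly the split the thread draws between enterprise-root-issued and self-signed certificates. To survey real sites, feed `classify_chain` the PEM chain a server presents, leaf first.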