This change will be landing in Nightly *this week*, so if you have
comments, please send them my way.

On Fri, May 29, 2015 at 3:50 PM, Richard Newman <[email protected]> wrote:

> tl;dr: we're planning to switch the cipher suites and TLS versions
> supported by Sync and other background services in Firefox for Android.
>
> If you self-host and sync with Firefox for Android, maintain a third-party
> Sync client, or are very interested in cipher suites, read on.
>
>
> *History*
>
> We used to support Android versions back to API 5. This left some
> significant gaps in our coverage; combined with the LB support we had at
> the time, and some code limitations, we ended up with a less-than-ideal set
> of cipher suites and protocols, falling back on failure.
>
>
> *Modern context*
>
> There are a bunch of recent and not-so-recent attacks that we'd like to
> completely avoid by requiring strong cipher suites and protocols.
>
> We're still limited by older versions of Android, but we can still do
> better than we do now.
>
> Additionally, some devices ship a restricted Java SSL configuration, so we
> can actually cause crashes on those devices. I hope that this change will
> fix those problems.
>
> This is also a step towards tightening up server configurations, so the
> sooner we get this into deployed clients, the better.
>
>
> *Proposal*
>
> On modern Android, we plan to support only TLSv1.2 (preferred) and
> TLSv1.1. On older Android, we'll support only TLSv1, *eliminating support
> for SSLv3*.
>
> For cipher suites we'll support only the best available at each level:
>
> Gingerbread:
>   TLS_DHE_RSA_WITH_AES_256_CBC_SHA
>
> Honeycomb onwards:
>   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
>   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>
> 4.4W onwards:
>   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
>   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
>   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>
>
> As I understand it, these are a subset (with the exception of
> Gingerbread's, perhaps) of the cipher suites that we would like to support
> in production, so there should be no issues with matching support in recent
> desktop versions or on iOS.
>
> These selections will apply to FHR and other background services, too, so
> I'll be vetting those as best I can.
>
>
> *Testing*
>
> This proposal needs thorough testing as well as feedback, so — like all
> plans — it's subject to change.
>
> If these supported cipher suites or protocols stand out as bad choices to
> you, please let me know.
>
> I hope to land these changes in the next week or two, uplifting to Aurora
> and Beta as appropriate, with eventual release in 39 or 40.
>
> Thanks!
>
> -Richard
>
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
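
For anyone self-hosting, the following is an added example, not part of the messages above and not Firefox code: it checks which of the proposed client tiers a given server configuration could still serve. The protocol list assigned to each tier, the use of the client's preference order to pick the suite, and the sample server configuration are assumptions made for illustration.

```python
# Suite lists are copied from the proposal. The protocol list per tier is an
# ASSUMPTION: the message says only "modern" and "older" Android.
ECDHE = "TLS_ECDHE_RSA_WITH_AES_"
TIERS = {
    "Gingerbread": (["TLSv1"], ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA"]),
    "Honeycomb onwards": (["TLSv1"], [ECDHE + "256_CBC_SHA", ECDHE + "128_CBC_SHA"]),
    "4.4W onwards": (["TLSv1.2", "TLSv1.1"], [
        ECDHE + "256_GCM_SHA384", ECDHE + "256_CBC_SHA384", ECDHE + "256_CBC_SHA",
        ECDHE + "128_GCM_SHA256", ECDHE + "128_CBC_SHA256", ECDHE + "128_CBC_SHA",
    ]),
}


def needs_tls12(suite):
    # In the lists above, the GCM and SHA256/SHA384 suites exist only in TLS 1.2.
    return suite.endswith(("_SHA256", "_SHA384"))


def negotiate(tier, server_protocols, server_suites):
    """Return the (protocol, suite) a client tier would get, or None on failure."""
    protocols, suites = TIERS[tier]
    # One handshake settles on the highest version both sides offer; there is
    # no retry at a lower version if no suite matches at that version.
    proto = next((p for p in protocols if p in server_protocols), None)
    if proto is None:
        return None
    for suite in suites:  # ASSUMPTION: client preference order decides
        if suite in server_suites and (proto == "TLSv1.2" or not needs_tls12(suite)):
            return proto, suite
    return None


def coverage(server_protocols, server_suites):
    """Map every tier to its negotiation result for one server configuration."""
    return {t: negotiate(t, server_protocols, server_suites) for t in TIERS}


# Constructed sample server configuration (not taken from any real deployment).
SAMPLE_PROTOCOLS = {"TLSv1.2", "TLSv1.1", "TLSv1"}
SAMPLE_SUITES = {
    ECDHE + "128_GCM_SHA256",
    ECDHE + "128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
}

if __name__ == "__main__":
    for tier, result in coverage(SAMPLE_PROTOCOLS, SAMPLE_SUITES).items():
        print(f"{tier}: {result or 'handshake would fail'}")
```

With the sample configuration, the Gingerbread tier fails because the server offers DHE only with AES-128, which is not in that tier's list.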
