Page MenuHomePhabricator

Deprecate TLSv1.2 weak ciphersuites
Closed, ResolvedPublic

Description

Currently we still support three different ciphersuites that are considered weak:

  • ECDHE-ECDSA-AES128-SHA (TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA)
  • ECDHE-RSA-AES128-SHA (TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
  • DHE-RSA-AES128-SHA (TLS_DHE_RSA_WITH_AES_128_CBC_SHA)

ciphersuites using CBC block mode instead of GCM are considered weak since the disclosure of several attacks against CBC during 2019, specifically Zombie POODLE and GoldenPOODLE, a nice introduction to those attacks can be found here: https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/

Event Timeline

Vgutierrez triaged this task as Medium priority.Jul 20 2020, 2:13 PM

Change 614763 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Use synthetic warning for ECDHE-RSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/614763

Change 614763 merged by Vgutierrez:
[operations/puppet@production] vcl: Use synthetic warning for ECDHE-RSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/614763

Mentioned in SAL (#wikimedia-operations) [2020-07-21T15:01:12Z] <vgutierrez> show a synthetic warning for traffic using ECDHE-RSA-AES128-SHA - T258405

Change 622138 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] ATS: Disable ECDHE-ECDSA-AES128-SHA support

https://gerrit.wikimedia.org/r/622138

Change 622138 merged by Vgutierrez:
[operations/puppet@production] ATS: Disable ECDHE-RSA-AES128-SHA support

https://gerrit.wikimedia.org/r/622138

Mentioned in SAL (#wikimedia-operations) [2020-08-24T15:04:03Z] <vgutierrez> rolling restart of ats-tls to disable ECDHE-RSA-AES128-SHA - T258405

Change 622321 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Use synthetic warning for DHE-RSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/622321

Change 622321 merged by Vgutierrez:
[operations/puppet@production] vcl: Use synthetic warning for DHE-RSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/622321

Mentioned in SAL (#wikimedia-operations) [2020-08-26T13:06:01Z] <vgutierrez> serve a synthetic warn page to DHE-RSA-AES128-SHA users - T258405

Change 630768 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] ATS: Turn DHE-RSA-AES128-SHA support off

https://gerrit.wikimedia.org/r/630768

Change 630768 merged by Vgutierrez:
[operations/puppet@production] ATS: Turn DHE-RSA-AES128-SHA support off

https://gerrit.wikimedia.org/r/630768

Mentioned in SAL (#wikimedia-operations) [2020-09-29T11:28:38Z] <vgutierrez> disabling DHE-RSA-AES128-SHA support - T258405

Change 631399 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Use synthetic warning for 2% of ECDHE-ECDSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/631399

Change 631399 merged by Vgutierrez:
[operations/puppet@production] vcl: Use synthetic warning for 2% of ECDHE-ECDSA-AES128-SHA pageviews

https://gerrit.wikimedia.org/r/631399

Mentioned in SAL (#wikimedia-operations) [2020-10-01T13:43:54Z] <vgutierrez> use synthetic warning for 2% of ECDHE-ECDSA-AES128-SHA pageviews - T258405

Change 632490 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 5%

https://gerrit.wikimedia.org/r/632490

Change 632490 merged by Vgutierrez:
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 5%

https://gerrit.wikimedia.org/r/632490

Change 633739 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 10%

https://gerrit.wikimedia.org/r/633739

Change 633739 merged by Vgutierrez:
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 10%

https://gerrit.wikimedia.org/r/633739

Mentioned in SAL (#wikimedia-operations) [2020-10-14T12:46:41Z] <vgutierrez> Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 10% - T258405

Change 635302 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 100%

https://gerrit.wikimedia.org/r/635302

Change 635302 merged by Vgutierrez:
[operations/puppet@production] vcl: Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 100%

https://gerrit.wikimedia.org/r/635302

Mentioned in SAL (#wikimedia-operations) [2020-10-21T09:59:17Z] <vgutierrez> Bump ECDHE-ECDSA-AES128-SHA pageview replacement to 100% - T258405

We're getting a few OTRS tickets about this, a note in Tech News or on wikitech-l would have been appreciated.

Change 636901 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] ATS: Turn ECDHE-ECDSA-AES128-SHA support off

https://gerrit.wikimedia.org/r/636901

Change 636902 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] ssl_ciphersuite: Remove CBC based cipher suites

https://gerrit.wikimedia.org/r/636902

Change 636901 merged by Vgutierrez:
[operations/puppet@production] ATS: Turn ECDHE-ECDSA-AES128-SHA support off

https://gerrit.wikimedia.org/r/636901

Mentioned in SAL (#wikimedia-operations) [2020-10-29T08:54:39Z] <vgutierrez> turn off ECDHE-ECDSA-AES128-SHA support on the main caching cluster - T258405

@Urbanecm /anyone: do you have a suggestion on how to phrase this in Tech News? I'm not sure how to summarize it, based on what is above.
I searched Tech News archives, and it seems the last times we mentioned TLS or old browsers were in 2020-01 and in 2018-06.
You can also add it directly (this week's issue) yourself! :)

@Quiddity What about this: "You can no longer read Wikimedia wikis if your browser use old TLS versions. This is because it is a security problem for everyone. It can lead to downgrade attacks. Since October 29, 2020, users who use old TLS versions will not be able to connect to Wikimedia projects. A list of recommended browsers is available. All modern operating systems and browsers are always able to reach Wikimedia projects."?

Tried to base on https://meta.wikimedia.org/wiki/Tech/News/2020/03's entry.

We should probably also update https://wikitech.wikimedia.org/wiki/HTTPS with the new status quo

We should probably also update https://wikitech.wikimedia.org/wiki/HTTPS with the new status quo

Technically, an increase of the standards employed at our edge (what we're doing in this ticket) doesn't necessarily imply an increase in the standards on that page (which also apply to the third parties we delegate some hostnames to). Usually our requirements of third parties lag our standards for ourselves a bit, in the name of being reasonably-achievable (not that we've ever had full compliance anyways). I think the current edits can stand and we'll see how compliance goes over time, but just keep in mind that technically, updating that page to higher standards is a separate matter with different considerations.

I think it would be useful to have a page or section outlining the de facto requirements for connecting to the flagship Wikimedia sites. https://wikitech.wikimedia.org/wiki/HTTPS/Browser_Recommendations is part of that, but since it's user-facing it doesn't really tell the whole story. That sort of technical documentation would be useful for developers and tech ambassadors to know what our current configuration is/should be without having to trawl rOPUP.
We're also in the unique position of being a heavily-trafficked website that also cares deeply about user privacy, so I think being clear and transparent about what we think is adequate security at the moment is important.

Vgutierrez claimed this task.
Vgutierrez updated the task description. (Show Details)

Change 835571 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] varnish: Remove ECDHE-ECDSA-AES128-SHA sinkhole

https://gerrit.wikimedia.org/r/835571

Change 835571 merged by Vgutierrez:

[operations/puppet@production] varnish: Remove ECDHE-ECDSA-AES128-SHA sinkhole

https://gerrit.wikimedia.org/r/835571

  NODES
Note 2
Project 11
USERS 2