linuxdcpp-team team mailing list archive
Message #08186
[Bug 1381314] [NEW] Support TLS 1.1 and TLS 1.2
Public bug reported:
Conveniently, all the code for this already exists in DC++. I even heard
other DC clients support TLS 1.1 and 1.2 by now.
I'll just quote from
https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html
regarding the SSLv3 vulnerability (to which DC++ is immune, not
supporting SSLv3):
The only correct way to fix POODLE is to disable SSL v3.0 altogether.
I think that last sentence will be mostly uncontroversial. Now, though,
I am going to step onto my soapbox and say: disabling SSL v3.0 does not
go far enough. It is time to aggressively deprecate as many old versions
of TLS as possible. POODLE is not a one-off. It exploits a known mistake
that has bitten us before. Many more similar mistakes still exist in TLS
v1.0, and some time very soon one of them is going to bite us again.
Every revision of TLS contains fixes for dangerous errors committed by
earlier versions. TLS v1.0 dictates the format of padding, preventing
POODLE. v1.1 gets rid of IV-chaining, preventing BEAST. v1.2 introduces
support for AEAD ciphersuites, providing an alternative to the dangerous
MAC-then-encrypt construct. TLS v1.3 will eliminate the RSA handshake
protocol[29], which lacks forward secrecy.
...
It’s time to put the cryptographic mistakes of the ’90s behind us.
** Affects: dcplusplus
Importance: Undecided
Status: Fix Committed
https://bugs.launchpad.net/bugs/1381314