List:       openldap-technical
Subject:    Re: openldap TLSv1.0 is enabled
From:       Philip Guenther <pguenther () proofpoint ! com>
Date:       2022-12-14 23:12:39
Message-ID: c412404-e1c1-7372-3238-b7fbcd40e493 () proofpoint ! com

On Wed, 14 Dec 2022, Jeffrey Walton wrote:
> On Wed, Dec 14, 2022 at 4:29 AM Philip Guenther
> <pguenther@proofpoint.com> wrote:
> >
> > On Wed, 14 Dec 2022, Stuart Henderson wrote:
> > > On 2022/12/14 06:22, Andre Rodier wrote:
> > > > > olcTLSProtocolMin: 3.3
> > >
> > > There is no TLS 3.3; try a valid version like 1.2 or 1.3.
> >
> > No, that's correct.  slapd.conf(5):
> >
> >        TLSProtocolMin <major>[.<minor>]
> >               Specifies   minimum   SSL/TLS  protocol  version  that  will  be
> >               negotiated.   If  the  server  doesn't  support  at  least  that
> >               version,  the  SSL  handshake  will fail.  To require TLS 1.x or
> >               higher, set this option to 3.(x+1), e.g.,
> >
> >                    TLSProtocolMin 3.2
> >
> >               would require TLS 1.1.  Specifying a minimum that is higher than
> >               that  supported by the OpenLDAP implementation will result in it
> >               requiring  the  highest  level  that  it  does  support.    This
> >               directive is ignored with GnuTLS.
> 
> A small nit... There is no SSL/TLS minimum and maximum version numbers.

Your statement may be true in the context of the on-the-wire TLS 
representation, but the above quote is about TLS versions supported by 
slapd, which does have a minimum whenever TLS is enabled at all.


My recall is that OpenSSL's TLSv1.3 support involves a bunch of new 
functions.  Hopefully OpenLDAP's support for that does or will include 
whatever it takes to make
	TLSProtocolMin 3.4
disable TLS v1.[012].


...
> Years ago I argued the TLS Working Group should interpret them as min
> and max version numbers because that's how people interpreted them.

I certainly agree with you that people really want to think of protocol 
version support as a range.


> Min and max matched the mental models of users. The Working Group
> rejected the arguments stating the min-max range could have holes in
> it. That is, a server may support TLS 1.0 and 1.3, but lack TLS 1.1
> and 1.2 support.

That's hilarious, because that sort of config will have clients fail the 
TLS handshake with version mismatch despite having a common supported 
version: if the other side does 1.0 and either 1.1 or 1.2, but not 1.3, 
then it'll fail despite both supporting 1.0.  Very few clients do any sort 
of retry while offering fewer versions.  If WG members claimed that 
non-contiguous versions are reliable in practice they would be incorrect.


Philip Guenther
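Added example, not part of the thread and not slapd or OpenSSL code: a small Python model of the two points above. It translates the slapd.conf(5) `TLSProtocolMin 3.(x+1)` notation into the TLS version it requires (clamping to the highest supported version, as the man page says), flags a non-contiguous supported set such as {1.0, 1.3}, and simulates version selection both for a server that only understands the single `client_version` field of the ClientHello and for one that reads the TLS 1.3 `supported_versions` extension. The names `tls_protocol_min_to_version`, `versions_allowed_by_min`, `has_version_gap` and `negotiate` are this example's own, the "SSLv3" label for a setting of 3.0 and the assumption that the library supports up to TLS 1.3 are modelling choices, and the version sets are constructed inputs.

```python
"""Constructed model of TLSProtocolMin and of TLS version negotiation with holes.
Not slapd or OpenSSL code; the functions and labels here are this example's own."""
from typing import List, Optional, Set

# TLS 1.x is carried on the wire as version 3.(x+1); slapd's TLSProtocolMin uses
# that wire numbering, which is why "3.3" means TLS 1.2.
TLS_VERSIONS = ["1.0", "1.1", "1.2", "1.3"]
HIGHEST_SUPPORTED = "1.3"   # assumption: the linked TLS library supports up to 1.3


def tls_protocol_min_to_version(setting: str) -> str:
    """Translate a TLSProtocolMin value such as '3.3' into the TLS version it requires
    ('1.2'), following the slapd.conf(5) text quoted in the thread.  A minimum above
    what the library supports is clamped to the highest supported version."""
    major, _, minor = setting.strip().partition(".")
    if major != "3":
        raise ValueError(f"unsupported major version {major!r}; SSL/TLS is major 3")
    minor_num = int(minor) if minor else 0
    if minor_num == 0:
        return "SSLv3"          # 3.0 on the wire is SSL 3.0, not a TLS version (label is ours)
    version = f"1.{minor_num - 1}"
    return version if version in TLS_VERSIONS else HIGHEST_SUPPORTED


def versions_allowed_by_min(setting: str) -> List[str]:
    """Which TLS versions remain negotiable once TLSProtocolMin is applied.
    'TLSProtocolMin 3.4' leaves only 1.3, i.e. it disables TLS 1.0/1.1/1.2."""
    floor = tls_protocol_min_to_version(setting)
    if floor == "SSLv3":
        return list(TLS_VERSIONS)
    return [v for v in TLS_VERSIONS if v >= floor]   # "1.x" strings sort correctly


def has_version_gap(supported: Set[str]) -> bool:
    """True when a supported set skips a version between its lowest and highest
    member, e.g. {1.0, 1.3}: the non-contiguous case discussed in the thread."""
    ordered = [v for v in TLS_VERSIONS if v in supported]
    if not ordered:
        return False
    lo, hi = TLS_VERSIONS.index(ordered[0]), TLS_VERSIONS.index(ordered[-1])
    return len(ordered) != hi - lo + 1


def negotiate(client: Set[str], server: Set[str],
              server_reads_supported_versions: bool) -> Optional[str]:
    """Simulate version selection; return the agreed version or None on mismatch.

    Legacy path (server ignores the supported_versions extension): the ClientHello
    carries a single client_version, which a TLS 1.3 client sets to 1.2, and the
    server picks the highest version it has at or below that, assuming the client
    supports everything beneath it.  A client whose set has a hole then rejects a
    choice that falls into the hole, even though a common version existed.
    Extension path: the server sees the client's explicit list and picks the
    highest version present on both sides, so holes are harmless.
    """
    if server_reads_supported_versions:
        common = [v for v in TLS_VERSIONS if v in client and v in server]
        return common[-1] if common else None
    offered = min(max(client), "1.2")            # legacy_version never exceeds 1.2
    candidates = [v for v in server if v <= offered]
    if not candidates:
        return None                               # server: protocol_version alert
    chosen = max(candidates)
    return chosen if chosen in client else None  # client: chosen version is in its gap


if __name__ == "__main__":
    print(tls_protocol_min_to_version("3.3"))   # 1.2
    print(versions_allowed_by_min("3.4"))       # ['1.3']
    gapped_client = {"1.0", "1.3"}               # constructed: supports 1.0 and 1.3 only
    legacy_server = {"1.0", "1.2"}               # constructed: no TLS 1.3
    print(has_version_gap(gapped_client))        # True
    print(negotiate(gapped_client, legacy_server, False))  # None: fails despite shared 1.0
    print(negotiate(gapped_client, legacy_server, True))   # 1.0
```

The legacy path is the failure the reply describes: the gapped client offers 1.2, the server answers 1.2, and the client has no 1.2, so the handshake aborts even though both sides implement 1.0. Running `has_version_gap` over a planned client or server version set is a cheap configuration check for exactly that situation.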