envoyproxy/envoy

Modernize TLS defaults

Open

#5,401 创建于 2018年12月22日

在 GitHub 查看
 (21 评论) (0 反应) (0 负责人)C++ (5,373 fork)batch import
area/tlshelp wanted

仓库指标

Star
 (27,997 star)
PR 合并指标
 (平均合并 8天) (30 天内合并 378 个 PR)

描述

Tracking bug for modernization of the TLS defaults, which will span multiple releases:

  • - #5392 - split client/server defaults (1.10)
  • - #5459 - enable TLS 1.3 on the server-side (1.10)
  • - enable TLS 1.3 0-RTT / early data on the server-side (???)
  • - #9300 - enable TLS 1.3 on the client-side (???)
  • - enable TLS 1.3 0-RTT / early data on the client-side (???)
  • - #5395 - remove TLS 1.0 and 1.1 from the defaults on the client-side (1.13)
  • - #5396 - remove RSA key transport from the defaults on the client-side (1.17)
  • - #5397 - remove SHA-1 cipher suites from the defaults on the client-side (1.17)
  • - #5398 - remove TLS 1.0 and 1.1 from the defaults on the server-side (1.18)
  • - #5399 - remove RSA key transport from the defaults on the server-side (1.18)
  • - #5400 - remove SHA-1 cipher suites from the defaults on the server-side (1.18)

Deprecations on the client-side are pretty safe, because virtually all servers are using modern TLS stack (thanks to Heartbleed et al), but I suggest staging changes over multiple releases anyway to avoid changing too many things at once, and to allow people in the community to scream if any of those changes are going to break them, before they happen.

Deprecations on the server-side are slightly more dangerous, because of the sheer amount of outdated clients and devices. Namely, Android didn't have TLS 1.2 enabled by default until Android 5.0 (Lollipop), and older devices still account for ~5% of traffic, which is a bit too high to break by default, IMHO.

贡献者指南