Debian looks forward, Microsoft looks back: can security improvements have a negative impact?

In many areas of the Internet, especially the Web PKI and the SSL/TLS industry, we tend to live with past decisions. Weak cryptography, flawed protocol design, and standard software that falls well short of satisfactory keep holding back the pace of progress. Often a new operating system or library quickly comes into wide use, and then the whole ecosystem has to spend a long time dealing with the legacy of its design flaws.

As the Internet has grown in size and importance, we try to make more informed decisions in order to avoid, or at least shorten, that cycle. Recently two operating systems were updated in ways that reflect two different approaches to keeping the ecosystem healthy:

Debian committed a change to its pre-release version so that it will support only TLS 1.2; and Microsoft has started adding TLS 1.2 support to Windows Server 2008.

The two choices represent opposite points of view: one looks to the future, the other looks back.

Debian has uploaded a new version of the OpenSSL library to its unstable branch (the development version, which carries the newest packages) that supports only TLS 1.2. Such a non-mainstream move is really rare: currently only Mozilla's "Modern" configuration recommends using TLS 1.2 alone.

Kurt Roeckx, long-time maintainer of Debian's OpenSSL packages, wrote: "I hope that by the time Buster releases, TLS 1.2 support will be high enough that we will not need to enable [TLS 1.0 and 1.1] again."

Buster is the codename of Debian 10, the next major version of the Linux distribution. No release date has been announced, but it is more than a year away.

For people who just want to keep using the old versions, Roeckx spares no sympathy; he said: "It is strongly recommended that you add support for TLS 1.2, or get the other side to add support for it."

Perhaps by the day Buster is released, supporting only TLS 1.2 will no longer look like a radical or daring configuration. But anyone familiar with SSL/TLS and the Web PKI knows that we all suffer from advanced procrastination: features get implemented not just a little late, but very late.

For example, Microsoft has only just added TLS 1.1 and TLS 1.2 support to its aging Windows Server 2008 platform.

On the surface, adding support for newer versions of TLS is a good thing. But if we look at the other TLS features of Server 2008, the shortcomings are obvious:

  • No AES-GCM support
  • No AEAD cipher suites
  • No SNI (Server Name Indication) support
  • No OCSP stapling support

This is not a very attractive HTTPS server. You probably would not want to use it today, let alone three years from now.

Windows Server 2008 (with IIS 7) remains in the Extended Support phase until 2020. But why add TLS 1.2 now?

Starting in June 2018, you will have to support TLS 1.1 or later to remain PCI compliant. Microsoft's blog article on adding TLS 1.2 does not mention PCI anywhere. It says it wants to remove barriers to "abandoning old security protocols" and is committed to "first-class encryption."

However, if better security were the real goal, why did Microsoft ignore the other modern features? To be fair, Windows Server 2008's TLS support is not that bad: because it supports ECDHE, it at least has PFS (Perfect Forward Secrecy) cipher suites.
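As an added example (not from the original post, nor from Debian or Microsoft), here is a small Python audit that applies the post's own criteria: the client refuses anything below TLS 1.2, in the stance of the Debian change, and then grades the negotiated suite for AEAD and forward secrecy, the gaps listed above for Server 2008. The host name, the AEAD name markers and the grading rules are my assumptions; SNI and OCSP stapling are not probed because Python's standard library does not expose stapled responses.

```python
import socket
import ssl

# Substrings of OpenSSL-style suite names that mark AEAD modes (GCM, CCM, ChaCha20-Poly1305).
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")

def is_aead(cipher):
    """True when the negotiated suite name denotes an AEAD construction."""
    name = cipher.upper()
    return any(marker in name for marker in AEAD_MARKERS)

def has_pfs(cipher, version):
    """True for ephemeral key exchange: every TLS 1.3 suite, or an (EC)DHE suite under TLS 1.2."""
    if version == "TLSv1.3":
        return True
    return cipher.upper().startswith(("ECDHE-", "DHE-"))

def assess(version, cipher):
    """List the weaknesses of a negotiated (version, cipher) pair; an empty list means acceptable."""
    findings = []
    if version not in ("TLSv1.2", "TLSv1.3"):
        findings.append("legacy protocol version negotiated: " + version)
    if not is_aead(cipher):
        findings.append("non-AEAD cipher suite: " + cipher)
    if not has_pfs(cipher, version):
        findings.append("no forward secrecy (static key exchange): " + cipher)
    return findings

def tls12_only_context():
    """Client context in the TLS 1.2-minimum stance of the Debian change and Mozilla's Modern profile."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def probe(host, port=443, timeout=5.0):
    """Handshake with SNI, refusing anything below TLS 1.2; returns (version, cipher) or None if refused."""
    ctx = tls12_only_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version(), tls.cipher()[0]
    except (ssl.SSLError, OSError):
        return None

if __name__ == "__main__":
    # "example.invalid" is a placeholder; replace it with the server you are auditing.
    result = probe("example.invalid")
    print(result, assess(*result) if result else "handshake refused or host unreachable")
```

A server still negotiating TLS 1.0 or a non-AEAD, non-ephemeral suite with this client shows up as a finding; a server that only speaks pre-1.2 versions is reported as refused, which is exactly what a TLS 1.2-only Debian client would see.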

Sometimes, patching up an old system can do more harm to security and to the ecosystem, because it gives businesses and consumers an excuse to stick with systems that should have been replaced or upgraded.

This is partly why Chrome removed the DHE (Diffie-Hellman) cipher suites last year. Although it could have kept support only for the stronger 2048-bit parameters, removing them all was simpler and safer.

Debian's TLS 1.2-only release may not be its final decision, but the courage is really commendable. At the same time, whether adding TLS 1.1 and TLS 1.2 support to Server 2008 is ultimately good or bad is really hard to say. Let's wait and see!


Source: blog.csdn.net/TrustAsia/article/details/77050731