On 05/12/2018 00:09, Jouni Malinen wrote:
> On Tue, Dec 04, 2018 at 01:00:08PM +0100, Andrej Shadura wrote:
>> This patch is not intended to be merged into the upstream code, but I
>> would still like to receive comments from people involved in development.
>>
>> In the Debian bug reports #907518 and #911297 (see below), people complained
>> that OpenSSL 1.1.1 disables TLSv1.0 and some other insecure settings by
>> default, but some older networks may still require their support:
>
> This is going to break lots of WLAN connections in practice..
> Unfortunately, enterprise authentication servers are something that do
> not really get updated easily and when something is updated, things
> tend to break horribly.. For that to change, I guess there would need
> to be a change in a significant number of client devices (or some
> very widely used device) to start rejecting the connections with a clear
> message indicating that the issue is in the server and not something
> that the client device can fix on its own.
>
> In practice, though, wpa_supplicant may have to start overriding this
> type of system-wide enforcement to prevent cases where the user has no
> way of impacting the authentication server operator, so something may need
> to be merged into hostap.git to get more reasonable behavior than "not
> working until server is updated (which may never happen)".
>
> It should also be noted that use of TLS in EAP is quite different from
> other cases like HTTPS, i.e., EAP uses a very limited amount of
> application data (or even none of it in case of EAP-TLS), so the impact
> of various TLS issues with past versions may be different as well. There
> are some clear cases like not allowing too short DH keys to be used
> which can certainly be justified from a security viewpoint, but fully
> disabling TLS v1.0 by default may not be something that the EAP world is
> ready for yet.. Some ciphers might also be possible to disable without
> losing too much interoperability with currently deployed authentication
> servers.

Right, so what would you recommend for me to do in the meanwhile?
Hardcode a minimal version just for wpa-supplicant to TLSv1.0? What
about ciphers? Anything else?

-- 
Cheers,
Andrej

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
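As an added illustration of the trade-off discussed in this thread (not part of the original message or of hostap.git), the following shows the system-wide OpenSSL 1.1.1 policy as shipped in Debian's openssl.cnf next to a per-network wpa_supplicant override that keeps the stricter default for everything else. The network name, SSID and identity are constructed placeholders, and the assumption that `tls_disable_tlsv1_0=0` and a per-network `openssl_ciphers` explicitly override the system-wide policy holds only for hostap builds that implement that override.

```ini
# --- /etc/ssl/openssl.cnf (Debian defaults for OpenSSL 1.1.1) ---
# This section applies to every OpenSSL user on the system, including
# wpa_supplicant, which is why legacy EAP servers stop working.
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2

# --- /etc/wpa_supplicant/wpa_supplicant.conf ---
# Leave the global defaults alone; opt back in only for the one
# enterprise network whose RADIUS server still needs TLSv1.0.
network={
    ssid="legacy-eduroam-like-ssid"   # constructed example SSID
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="user@example.org"       # constructed placeholder
    # Pin the server identity so loosening TLS does not also loosen
    # which server the client will talk to.
    ca_cert="/etc/ssl/certs/ca-certificates.crt"
    domain_match="radius.example.org" # constructed placeholder
    # Assumed override semantics: 0 = explicitly re-enable TLSv1.0
    # for this network only, even if system policy disables it.
    phase1="peapver=0 tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=0"
    # Relax the OpenSSL security level for this network only;
    # SECLEVEL=1 still rejects DH/RSA keys shorter than 1024 bits.
    openssl_ciphers="DEFAULT@SECLEVEL=1"
}
```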